Professor Jintai Ding peer reviews ScramFS: encryption for data at rest

By Scram Software 23 March 2018

We’re pleased to publish the peer review of Professor Jintai Ding, who has been examining the ScramFS cryptographic file system.

Professor Ding is well known as one of the world’s leading cryptographers, with numerous patents to his name and having recently made 3 submissions to the NIST Post-Quantum Cryptography Standardization. He is a Professor of Mathematics at the University of Cincinnati, holds a PhD from Yale and has guest lectured throughout the world.

We engaged Professor Ding to carefully examine the design of ScramFS, verifying the correctness of its design and accuracy of the security claims. In cryptography, peer reviews are especially important because the difference between a secure and insecure system can be as small as a tiny error or omission in its design, and there is a long history of broken security products because of design or implementation faults.

Professor Ding has now released his report, and among his findings are:

  • ScramFS is a new cryptographic file storage and sharing system, which can be used on cloud services like Google drive, such that a user can be sure that the only thing the cloud server can see are encrypted file/directory names, and contents to ensure the complete secrecy and integrity of all the data.
  • Such a system can be of great value in the current of state of prevalent cyber attacks.
  • My overall view is that the ScramFS system is a very solid cryptographic solution to the problem it intends to address.
  • ScramFS is a system very carefully designed by a top cryptographer with highest professional standard.
  • We think the system is very well planned and designed and all the key details, in particular, key derivation are clearly presented, and we did not find any bug or defect in the design.
  • We find the security analysis to be very solid and the choice of parameters to be very well justified, even in terms of future quantum computer attacks.

A full PDF version of Professor Ding’s report is available for download, along with other peer reviews, on our security analysis and peer reviews page

We are extremely grateful to Professor Ding for his expertise and contribution to ScramFS. With his peer review of our encryption system, we’re one step closer to our vision of securing the records of 1 billion people and making data breaches a thing of the past.

Leave a comment

Send us a message

The field is required.

Cant read the image? click here to refresh