Secure approach to secure file storage in untrusted environments.
Switch branches/tags
Nothing to show
Clone or download
Latest commit 59cb6ac Oct 7, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
bin Minimal changes Sep 6, 2017
config Minimal changes Sep 6, 2017
controllers Updated Oct 17, 2017
docs Add files via upload Sep 23, 2017
models Minimal changes Sep 6, 2017
public Minimal changes Sep 6, 2017
routes Updated Oct 17, 2017
views Update sendData.pug Oct 17, 2017
.gitignore Minimal changes Sep 6, 2017
.travis.yml Update .travis.yml Oct 17, 2017 Updated Oct 17, 2017
CNAME Create CNAME Nov 27, 2017 Create Sep 23, 2017 Update Oct 9, 2017
LICENSE Minimal changes Sep 6, 2017 Update Oct 7, 2018
_config.yml Set theme jekyll-theme-minimal Sep 23, 2017
app.js Minimal changes Sep 6, 2017
package.json Update package.json Oct 17, 2017


Providing open and free file storage and sharing for everyone in the world using state of the art encryption techniques.

mozilla open leaders bheu Build Status node license gitter


Castiglione, L.M., & Romano, S.P. (2018, July). Thalos: Secure File Storage in Untrusted Clouds. In International Conference on Future Network Systems and Security (pp. 178-192). Springer, Cham.


Hey you! This is Thalos project speaking, welcome to the dark side! Ops sorry, I did it again! Never mind, welcome! ...and thank you for visiting the Thalos repository.

This README is a hub to give you some information about the project. Jump straight to one of the sections below, or just scroll down to find out more.

What are we doing? (And why?)

Who are we?

What do we need?

How can you get involved?

Roadmap & Deadlines

Get in touch


What are we doing

The problem

Nowadays it is rapidly increasing the need to store our files in remote to keep them easily available on multiple devices. Normally people do not have their own storage servers so they need to rely on someone who keep their files for them, that’s why services like Google Drive or Dropbox rapidly grew up in the technology market. At this point, we need to ask ourselves how much secure are this kind of services and what would happen to our files if someone seized storage servers or hacked into them. And, at least, how much it is really possible to trust in those companies? This project would propose a solution to this kind of problems: Thalos is storage service completely robust and secure by design.
  • Provide simple and secure storage in untrusted environments for everyone in the internet.
  • Provide the software so that everyone can set up his own Thalos storage system in few minutes

The solution

This project would propose a solution to this kind of problems: Thalos is storage service completely robust and secure by design. The chosen cryptographic algorithms and the way they are applied offer to the final user the opportunity to securely store his files remotely, denying any attempt of access them without the proper authorization. Thalos design, indeed, makes it impossible for anyone who has physical or virtual access to the servers to decrypt files without the right key and neither to establish an exact match between one specific file and its owner.
  • Build a portable internet application that provides a simple management of a remote encrypted virtual filesystem.

How it works

Thalos shows up as a service that can be easily used, in theory, by any device connected to the internet. People could easily register an account using their email address and choosing an username and a password. Once a user is registered, a master key pair is generated

  • Master private key: The private key of the pair, it belongs to the user that can unlock it trough a passphrase chosen during the creation process. It’s highly recommended to choose a passphrase different from the account passoword.

  • Master public key: As it can be guessed by its name, this is the public key of the pair, it is stored on a remote database. It could be also used for secure file sharing in future improvements.

The barely generated Master Key Pair (MKP) will be used to encrypt the user basefile, as we will discuss later. Once the MKP is generated it is possible to add a basket to user own basket list. Baskets are virtual file containers (they can be thought as very simple virtual filesystems), each basket is described by a basket description file which basically stores information about contained files including name, type, size and a pointer to the encrypted static file on the storage (attribute id) as it can be seen. Among with the basket, two new keys are generated, they are:

  • Basket Private Key: Used to decode the basket description and each file which belongs to the basket itself.
  • Basket Public Key: Used to encode the basket description and each file which belongs to the basket itself.

Basket description files are stored remotely encrypted with the basket private key.

Furthermore, a basefile is associated to each user, it is remotely stored encrypted with the Master Private Key of the user to whom it belongs. A basefile contains the basket private keys of the baskets owned by the user it is associated with.

how it works

Basket description

Uploading a file to the Thalos network

The diagram below shows how the Thalos system acts when a users uploads a file to the network trough the web interface. Last part of the sequence diagram is a pinch different from the real implementation but it clearly show how encryption system works.

Sequence upload

Roadmap and Deadlines

You can check our Roadmap here

Deadline Issue Required Skills
Short term (Mozfest) REST APIs documentation Patience
Short term (Mozfest) Build community of users Good communication
Short term (Mozfest) Build community of contributors Good communication
Short term (Mozfest) Build a (nice) Web client Javascript, HTML, CSS and a pinch of good taste
Short term (Mozfest) Roadmapping Patience
Mid term Allow multiple key management, access from multiple devices Javascript, NodeJS and cryptography
Mid term Rend confirmation code by email Javascript and NodeJS
Lonng term Build High availability Model Javascript, NodeJS and algorithms

Who are we

In Greek mythology, Τάλως was a giant automaton made of bronze to protect Crete from pirates and invaders. By adding an 'h' you get Thalos, an ambitious project that aims to protect people form (digital) pirates and oppressors.

Founder of this project is ecleipteon, an addicted to privacy and security and enthusiast student of computer science and engineering from Napoli. This project is mentored by edovio within Round 4 of the Mozilla Open Leadership program.

What do we need

You! Definitely!

We need expertise full stack developers, user experience, database maintenance, software sustainability, documentation and technical writing and project management.

We need Hardware to deploy Thalos.

We need Security and cryptography expertise - Do Thalos leak informations when deals with cryptography elaborations and keys management? Are files really stored safely?

We need Legal consultants. What would happen if terrorists used Thalos?

We'd love your feedback along the way, and of course, we'd love to keep your secrets as well.

How can you get involved?

If you think you can help in any of the areas listed above (and we bet you can) or in any of the many areas that we haven't yet thought of (and here we're sure you can) then please check out our contributors' guidelines and our roadmap.

Please note that it's very important to us that we maintain a positive and supportive environment for everyone who wants to participate. When you join us we ask that you follow our code of conduct in all interactions both on and offline.

Furthermore two mailing list have been created in order to receive feedbacks both from users and contributors about the demos. Please feel free to join them

User community:!forum/thalosbeta Contributors community:!forum/thaloscontributors

Get in touch

If you want to report a problem or suggest an enhancement we'd love for you to open an issue at this github repository because then we can get right on it. But you can also contact ecleipteon by email (lucamaria [DOT] castiglione [AT] gmail [DOT] com) or on twitter.

Thank you

Thank you so much for visiting the project and we do hope that you'll join us on this amazing journey to support people privacy.


  • README file: a document that introduces an open project to the public and any potential contributors
  • repository or repo: a collection of documents related to your project, in which you create and save new code or content
  • Roadmap: a document outlining the schedule of work to be done on a project
  • Milestone: an event or state marking a specific stage in development on the project
  • Issue: the GitHub term for tasks, enhancements, and bugs for your projects