TransWikia.com

Protecting personal documents in cloud

Information Security Asked by zud on January 18, 2021

I want to keep my personal documents in cloud e.g. Dropbox. But I want some of my documents be encryted and password protected, such that:
1. even if my Dropbox gets hacked, those documents still have one more security
2. I can still access the documents from another computer when needed

I looked about and found truecrypt and encrypting while compressing. Are there other easier methods?

3 Answers

There's some tools offering transparent encryption, i.e. encryption is running in the background and you don't notice it in your daily workflow.

There's VeraCrypt, which is great for using it locally. In a cloud environment, it has some usage problems, see here. Namely, it can cause re-uploading all your files even if you only changed some few, and it can cause nasty synchronization conflicts when you don't wait for it finishing synchronization before you edit your files on other computers.

A tool I used to encrypt my Dropbox for quite some time is EncFS. Although it encrypts files individually (and does not hide directory structure or file sizes), it's a great tool and does the job. Unfortunately, there has been a security audit showing that EncFS is insecure when used together with cloud storage, see here for a detailed explanation.

There is a relatively new tool that was designed specifically to be used for encrypting cloud storage. It's called CryFS. Disclaimer: I'm one of the developers. It encrypts file contents as well as directory structure, metadata and file sizes (see here for why this is a good idea). It follows established security standards and there is a scientific thesis proving its security, see here.

Answered by Heinzi on January 18, 2021

Self promotion warning

I have written a python application that aims to encrypt documents client-side before uploading it onto Dropbox. It works in a very similar fashion to the official Dropbox app where you can simply drag and drop stuff into a folder and it will sync seamlessly. It's still in a very early phase so there might be bugs though, so do take that into account.

There are a few other applications that claim to offer client-side encryption for Dropbox, such as Boxcryptor. I have not used the software though, so I don't really know how it works or if it's secure.

Answered by user10211 on January 18, 2021

GPG offers symetric encryption of single files which can be integrated with most file managers.

Ususally this works in some way where you right click on a file and select "encrypt" from a context menu. This is common with dolphin and nautilus and there is probably some solution to do this in windows explorer as well.

Alternatively there are encryption layers for file systems. In GNU/Linux for example you could use fuse encfs, to have a folder encrypted. You can set up your dropbox client to only sync the encrypted folder while working on the mounted unencripted representation.

Even easier: encfs offers a reverse view: you can take an unencrypted folder and mount it to folder which then contains a virtual, encrypted representation of the files. Have this crypto view synced via dropbox and you wouldn't even change your workflow.

Answered by Paul Hänsch on January 18, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP