Secure Cloud Storage – Mission Impossible?

Can you keep your stuff secure in the cloud?  When Google, Microsoft and other cloud providers, not to mention the NSA and GCHQ, can scan through your uploaded files, what price your privacy?

The power of Google was demonstrated when I uploaded to YouTube a video of an interview with Edward Snowden by the German television station ARD.  Within seconds of the upload, Google blocked the video, because of ARD’s copyright.  Maybe that was justifiable, maybe not (you can’t even pay to see the video legally, although you can in fact view it at www.liveleaks.com).  But clearly the scanning technology is formidable – it finds the material even if you upload only a part of the video, or an edited version.

The good news is that it is possible to encrypt your files with freely-available algorithms so secure that even the intelligence agencies could not decrypt them in times less than decades or even centuries, still less the cloud providers.  The Advanced Encryption Standard (AES) is reckoned by cryptographers to be good for at least the next thirty years, if not far more.  But how do you use it to protect your cloud property?

One way is to encrypt your files before you upload them, using the free and open-source AESCrypt tool for example (http://www.aescrypt.com) – a right-click on the file and you’re done.  That doesn’t help if you want to view files on another PC or your tablet – you’ll need to remember the passphrase and find a utility to decrypt them again, which is inconvenient, to say the least.

A second way is simply to subscribe to a cloud provider whose integrated software will handle the encryption, storage, and decryption for you. There is a number of these, both within and outside the USA.

There is a third way which enables you to encrypt your data even within a more open cloud system like Google Drive or OneDrive.  This is more flexible since you can have separate encrypted and unencrypted folders, depending on how critical the data is. Sharing with others remains easy even for the encrypted data.

All of the methods that I consider either synchronise to the cloud by default, or have a synchronisation option.

Before I go on, a disclaimer.  I am not recommending the software here above any other products, and I have no connection with any of the companies that I mention.  I am just taking as examples software that I like and that has worked for me, and that I think you might like to take a look at.  You will need to look elsewhere for comprehensive comparative reviews, but I hope this article will start you off.  With that out of the way, let’s take a look at the second and third options.

Secure Cloud Providers – End to End Encryption

Enter the specialist encrypted-storage cloud companies, of which there is quite a good range, including some recent start-ups, both in the USA and in Europe (and even in New Zealand).  This is where I declare a prejudice: I do not entirely trust companies in the US, where the laws on data management and warrantless access to data fall a long way short of the data protection legislation in Europe.  That’s just my personal preference; you may think differently, and you must make your own assessment as to which you are willing to trust.

What you need ideally is a service that provides “end-to-end” encryption, to which the provider does not have the keys.  That means that your data is encrypted on your machine, travels by a secure SSL link to the provider, and is stored encrypted on their servers.  Only you, or someone you nominate, can have access to it.  Sharing, i.e. giving someone else unencrypted access to some or all of your files, is of course a problem; fortunately there are some extremely smart ways around it.  The caveat with all these systems is of course that if you lose or forget your key, your data is toast.  There is no way of recovering encrypted data without the key – your provider won’t be able to help you, and most of them make this clear at the outset.

Just now, I’m testing Tresorit (https://tresorit.com), a recent start-up, and it looks like becoming a favourite.  It’s a Swiss-Hungarian company, so rightly or wrongly, I would trust it more than most.  They have published a white paper giving some details of the security, which is based around AES-256 (256-bit key).  The software allows you to assign folders to be “tresors” (a German word meaning a safe, or strongroom).  The great thing about this is that you can make any folder a tresor, and it will synchronise to the cloud; this is quite an unusual feature.  You get 5 GB of free storage initially, but to my delight I found that after connecting to the account from the Tresorit app on my Android (Nexus 10), the allocation was doubled to 10 GB.  I am still checking this out, but it could be a real treasure (!), and the evidence so far is that their customer service is excellent.

I also use Wuala, which is a Swiss company.  If anyone can keep secrets, it’s the Swiss.  Wuala has a workmanlike desktop interface, as well as an Android app.  Encryption/decryption is, as it should be, carried out on the client, and there is some clever sharing key management.  Some of their staff, and their mathematical and technical expertise, are drawn from ETH Zurich (the Swiss Federal Institute of Technology), and they have published some impressive papers.  There is even a web browser interface which looks and behaves like the desktop application – it’s essentially a Java application which gets downloaded when you need it.  Don’t groan – well-written Java apps in a browser can be just as secure now as a browser application written in Javascript, especially these days, when you can’t even enable Java in the browser without answering half-a-dozen security prompts and promising to be sensible for the rest of your life.  Wuala offers 5 GB free, but I decided in the end to pay for 25 GB, which wasn’t all that expensive (3 euros a month).  Have a look at http://wuala.com (not an https:// address – odd, don’t you think?  Don’t worry about it!).

Wuala uses a technique called convergent encryption to try to minimise storage on their servers.  Files, or even parts of files, that you upload are checked against what’s already in storage, and if there are duplicates, only one copy is stored.  How do they do that, if my files are encrypted, you ask?  Good question.  A file is encrypted in several stages, one of which involves encrypting it with its own hash value.  Two identical files will therefore be identical when encrypted, enabling deduplication, but will still be decipherable only by the users in possession of the hash.  There is some controversy in the cryptography community about the safety of this method, mainly based around the ability to identify files.  If a contentious file, say a copyright film or stolen copy of a document, is uploaded to the servers and the upload apparently goes very quickly, the chances are that it is already there – the duplicate has not in fact been uploaded.  Then if you know it’s already there, you may be able to identify who has it, perhaps with the cooperation of the systems staff.  So if you’re law enforcement with suspicions that someone might have a particular file, uploading a copy might be a way of finding out who.  However, even if this really works, I think you would have to be a very special and worthwhile target of investigation before any agency would bother to take the trouble.

I have also looked at SpiderOak (https://spideroak.com) and Bitcasa (https://www.bitcasa.com), both based in the US.  SpiderOak reckons to be “zero-knowledge”, i.e. they don’t have your password or key, and therefore can’t examine your data, but unfortunately they only offer 2 GB for the free account. Otherwise they look very good.

Bitcasa offers up to 20 GB free, but I have my doubts about their inability to decrypt the data in response to law enforcement requests – they don’t claim to be “zero-knowledge”, they can recover your data if you lose your password, and their website is vague about the encryption-decryption process and how they respond to subpoenas and warrants.  But have a look at them – you may decide differently.

Finally, Mega (https://mega.co.nz).  Not to be confused with MegaUpload, the contentious file-sharing service run by Kim Dotcom, and eventually shut down by the US Department of Justice, this appears to be a very security-conscious, not to say generous, New Zealand-based company.  New Zealand is of course a member of the Five Eyes intelligence community (UK, USA, Canada, Australia, and New Zealand), and I do not know much about New Zealand’s attitude to the legality of data access by their intelligence service.  Nevertheless Mega insists that data encryption occurs only on the client side, and that they have no access to the keys.  They even quote the Universal Declaration of Human Rights: “No-one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.”

To trust or not to trust?  You be the judge – read their privacy and legal pages.  On the positive side, they offer an unheard-of 50 GB in their free plan, together with web, desktop, and mobile applications.

The Third Way – DIY with Google Drive & Microsoft OneDrive

But what about all that free space you have in your Google Drive and Microsoft OneDrive?  Can you make that secure?  As it happens, yes, and for free as well.  There are two tools that I have tried: BoxCryptor and Viivo.  Both have free accounts that enable you to encrypt files into your Google Drive or OneDrive, simply by moving the files into an appropriate “BoxCryptor” or “Viivo” folder (or the “BoxCryptor Drive”).  I use BoxCryptor for OneDrive and Viivo for Google Drive.  If you want to use BoxCryptor on more than one cloud, you have to move to an (inexpensive) paid account,, but Viivo Free seems to allow multiple-cloud access.  BoxCryptor is based in Germany, therefore – guess what? – I trust it; and Viivo is part of PKWare in the US, but seems reasonably trustworthy to me.  Both applications have mechanisms for sharing.

Linux has an encrypting file system of its own, EncFS, that will apparently interface with BoxCryptor, and you can enable Google Drive on Linux by using InSync (https://www.insynchq.com), so there is something here for Linux users too.

These are examples of the three approaches that you can adopt towards making your cloud storage truly impregnable.  I hope this gives you a start in finding the system that suits you and that you are prepared to trust.  Some crafted internet searches may turn up something you like better.  With all these services, the choice comes down in the end to who you feel comfortable with; for instance, do you believe that the provider’s key system really works the way they say it does?  There are some regulations in various countries about privacy standards, particularly in health and legal services, but in the end it’s a matter of your trust and your provider’s reputation.  Consider that adverse publicity from a breach of their advertised security policy probably means the loss of these companies’ entire business.

Do encrypt your data if you can, if only to make life difficult for those law-evading intelligence services – they hate it when you do that. And don’t forget that really strong passphrase!