11

I would like to use a dropbox because it is easy and convenient. But I want to encrypt the files with the public key of the intended recipient, so he will be the only one who can access the data in the file.

I have not found an easy mechanism to encrypt the data before it is stored in the dropbox.

Is there an easy way to do so or is there already a service that supports my wish?

Rory Alsop
Hotze de Jong

12 Answers

9

If you are already settled on using Dropbox, then your only choice at the moment is to use a 3rd party program such as PGP (or free/open GPG) to first encrypt the file and place it into your drop box. I know you said you wanted to use public/private keys, but as an alternative, you could also use 7-zip to create secure archives with AES encryption based on a pre-shared key (password).

If you have not yet decided on Dropbox, you can look at similar online storage systems such as SpiderOak, Cryptoheaven, Mozy or similar, which perform client-side encryption of the files prior to uploading them into the cloud. You control the encryption key, and therefore the storage providers cannot access the data. I am not sure whether you can import existing private or public keys into those solutions or not, however.

Bob Ortiz
logicalscope
  • Thanks for your comment. I have not decided on DropBox but I would like to use a DropBox like solution. I want to share documents with other people over the internet. But I want to use personal keys for the encryption and not rely on encryption keys provided by the solution provider. I want a little program sitting on my site for the encryption (like e-mail encryption in outlook) based on the cert of the intended recipient. Because of file size e-mail is no option to use. – Hotze de Jong Jan 02 '12 at 19:43
  • +1 for 7zip (as long as you don't forget the password...) – nutty about natty Jun 06 '14 at 20:07
  • 7zip is NOT secure - the protocol is secure as far as I'm aware, but the 7zip program (at least on windows) often leaves your archive out in plain-text in temporary folders and forgets to delete them. The creator refuses to see this as a bug and said he won't fix it - so I'd use something else. Don't have a recommendation tho - I still use 7zip for archives cause I haven't found a replacement : /. For single text files, I use http://www.andromeda.com/people/ddyer/notepad/NotepadCrypt-technotes.html - which is way better because your decrypted file is only in memory. – B T Oct 08 '15 at 22:27
  • @BT that might not be a security issue depending on your setup (or threat modeling). If you are sharing a computer then yes it's a problem, if you only use that computer in a bunker 1 mile below sea level, and put the encrypted file onto a USB stick then it's no issue at all. – daniel Sep 21 '17 at 09:02
  • @daniel If you airgap that computer and then drop it in mariana's trench once you're done, sure you're fine. But for the rest of us, just don't use 7zip. It'll screw you if you actually care about keeping your data encrypted. – B T Sep 21 '17 at 09:08
  • @BT no, my point is this is only a problem if you don't trust parts of your own computer. Many times you have another unencrypted version file on the computer doing the encryption and this is no problem. – daniel Sep 21 '17 at 09:18
  • @daniel What's the point of encryption if you trust your unencrypted files not to be stolen? – B T Sep 21 '17 at 21:00
  • @BT I can think of a few, the answer to this question, all of TLS, well anywhere you need to send over unsecure communication lines. I'm not saying encryption is not useful for data at rest, but I am saying that this is not as critical. – daniel Sep 21 '17 at 22:29
  • @daniel Well, I suppose you have a point in the context of this question. I'm coming from bitcoin land where I was pretty upset to find that my keys were dropped in plain text on my HD without me knowing about it and persisting for months. That said, I don't trust an application where the author blatantly disregards these kinds of security issues. Doesn't make me confident the rest of it is secure, even for the OP's use case. – B T Sep 21 '17 at 22:52
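The GPG route from the answer above, as an added example that is not part of the original answer or its comments: it encrypts a file to the recipient's public key and moves only the finished ciphertext into the synced folder. The function name `encrypt_for_dropbox`, the default folder `$HOME/Dropbox` and the return codes are assumptions; the recipient's public key is assumed to be imported and validated in your keyring already.

```shell
#!/bin/sh
# Added example: encrypt a file to a recipient's OpenPGP public key and place
# only the ciphertext in the synced folder. Names and paths are assumptions.

# Usage: encrypt_for_dropbox RECIPIENT FILE [SYNC_DIR]
encrypt_for_dropbox() {
    recipient=$1
    src=$2
    sync_dir=${3:-"$HOME/Dropbox"}      # assumed default sync folder

    [ -f "$src" ] || { echo "not a file: $src" >&2; return 2; }
    mkdir -p "$sync_dir" || return 2

    # Refuse plaintext that already lives inside the synced folder: the
    # provider already has a copy of it, whatever we encrypt afterwards.
    src_dir=$(cd "$(dirname "$src")" && pwd -P) || return 2
    sync_abs=$(cd "$sync_dir" && pwd -P) || return 2
    case "$src_dir/" in
        "$sync_abs"/*) echo "plaintext is inside $sync_abs" >&2; return 3 ;;
    esac

    # The recipient's public key must be in the keyring. No --trust-model
    # override is passed, so gpg refuses keys it has no trust path to.
    gpg --batch --list-keys "$recipient" >/dev/null 2>&1 ||
        { echo "no public key for $recipient" >&2; return 4; }

    # Encrypt outside the synced folder, then move the finished ciphertext
    # in, so a partially written file is never uploaded.
    tmp=$(mktemp) || return 5
    if gpg --batch --yes --recipient "$recipient" \
           --output "$tmp" --encrypt "$src"; then
        out="$sync_abs/$(basename "$src").gpg"
        mv "$tmp" "$out" && printf '%s\n' "$out"
    else
        rm -f "$tmp"
        return 5
    fi
}
```

The recipient decrypts the synced file with `gpg --output report.txt --decrypt report.txt.gpg`, which needs the matching private key.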
4

I personally have this problem, which I solved myself.

I created a program which works with GPG4Win, and encrypts all my files with my PGP key. I can also specify which folder to encrypt with which user key, quite good in my opinion.

It is a 1 way sync + encrypt from my data folder to Skydrive folder (local), then Skydrive will sync to the SkyDrive Cloud. The best part is that this program does not store your PGP key, or any cloud account password.

Experience it!

Feel free to drop a visit @ http://successreality.blogspot.sg/2013/10/encrypt-sync-4-cloud.html

Don
2

TrueCrypt may suit your needs. It offers the ability to use keyfiles to encrypt your files which can then be stored in your drop box and shared. It also offers the ability to use tokens and smart cards to secure your files. This lets your key be passed in an out of band manner.

In my opinion the best feature of TrueCrypt is the ability to create hidden volumes. This creates what the creators of TrueCrypt call plausible deniability. This basically means that there is a second encrypted volume that appears to be comprised of nothing more than random data. This is created inside of your encrypted file using the free space at the end of the first volume. It is also worth noting that several different encryption algorithms are available.

Mark S.
  • Thank you for your suggestion. Creating a TrueCrypt volume and sharing the volume in a dropbox like solution might do the trick. But it still requires the other people to do something that is not familiar to them. I would like to have a transparent solution (that can also be used by people who are not technically skilled) in such a way that it cannot go wrong. – Hotze de Jong Jan 02 '12 at 19:51
2

You can try:

AxCrypt by Axantum. It's free, but provides only AES-128 (not too hard). This tool may be suitable for you because it provides a portable version. Encryption and decryption is done by two different programs (AxCrypt2Go and AxDecrypt respectively).

SafeBox is a light tool, supporting asymmetric and symmetric encryption. Has a clear interface and detailed instructions on the site. This tool has more strong encryption algorithms. Files can be shared via any channel that supports text, or wrapped up in a container.

Bobby
2

Give Wuala a shot. Data is encrypted on the user's device before being uploaded to the cloud. It does not come with key-files but passwords. Maybe this is sufficient for you?

1

ESecureDOX provides just about exactly what you're looking for. It's a cloud storage system run by a digital certificate authority, which means that each user is assigned a free digital certificate and PKI key set when they sign up, and each document is automatically encrypted by the storage system when you upload it to the cloud. Your document can only be accessed by your user account because of the technology behind the individual encryption (asymmetric PKI), so that the encryption code for each account would have to be separately compromised in order for any data to be compromised. And that's unlikely: the encryption that it uses would take 20 mainframe computers 20 years to brute force, according to NSA estimates. This opposed to something like dropbox, which only uses SSL encryption. What that means is that if someone were to gain access to the blanket encryption that dropbox uses, every file on the system would be compromised.

As far as your concerns about sharing a document, when you share a document through ESecureDOX, only the single document is decrypted by the system, and that's done in a way that whomever receives your document is unable to edit it. This allows the sharing of documents without the concern that they'll be tampered with, and without allowing access to any files besides the one you want to share.

I apologize if this is overly dumbed down, but I just wanted to make sure that the advantages of the system were very clear. From the user interface ESecureDOX seems almost identical to already present cloud storage systems, but that's only because the PKI encryption and decryption happen behind the scenes. It can do that because the company that runs it is able to issue its own root certificates and integrate them into their storage solution without the user needing any technical knowledge of PKI or requiring them to keep track of their own keys.

Edit: for full disclosure, I do work in marketing for the company that runs ESecureDOX, Image-X Enterprises. But I haven't misrepresented how the service works in any way, and I do believe in its advantages regardless of my affiliation with the product.

0

Even though this is an old question, it's on the first page of search results. Here are some updated free and low-cost options for 2017.

  • SendThisFile. FREE forever. No file size limits, no credit card required, no software to install. All transfers include our comprehensive encryption and security, creating end-to-end 128-bit encrypted file transfers, and you won't have to configure a single setting. We use SAS70 type II / SSAE16 compliant data centers to ensure that private data is protected. It is the industry gold standard for the robust delivery and security of data. https://www.sendthisfile.com/
  • SpiderOak protects your group messaging, file sharing, and file backups with end-to-end encryption to keep you safe from privacy intrusions, ransomware, and data loss. It keeps your uploaded material safe and private. They can’t even see what you upload, because you are the sole holder of the keys to unlock the material. The only downside is that it is complicated for a new user, as it does have a steep learning curve. 100GB storage: $5 per month. https://spideroak.com/one/
Bulrush
0

Use an S3 bucket from AWS; server side you can have it encrypted and then to connect you can provision each other secure keys and use them for auditing and logging. With the use of Transmit you can add the bucket as a device in finder on OSX and treat it as a local drive which stores and pushes straight to the cloud.

http://aws.amazon.com/s3/

It's the back end of dropbox, but it's dirt cheap and you can even choose the geographical region for your data centre.

Edit: For the purpose of securing communication client side while integrating with an S3 bucket, you can use the S3 client side encryption mechanisms.

  • But the point of this question is sharing it *securely* which implies client side encryption with a key the server doesn't know. You can use s3 as a backend behind a secure file sharing system, but it isn't secure by itself. – CodesInChaos Oct 30 '13 at 16:35
  • Built in is a client side encryption service; http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html – Robert Smith Oct 30 '13 at 16:42
  • So basically just run your own service. This answer doesn't really help since the OP is looking for something similar to Dropbox. Having to develop a Dropbox clone first is not really what he was looking for I think. – Luc Oct 30 '13 at 17:38
0

I created a small tool to do this: http://www.itsencrypted.com. It uses the user's public key to encrypt a key file, which unlocks the encrypted file which is also in your Dropbox. Then later he'll use the program to download it directly and unencrypt it.

Jason
0

Another good solution is Boxcryptor. It encrypts all your data before they are sent to Dropbox (or other providers). Boxcryptor also allows you to share your data in a confidential way. Therefore it makes a public/private key pair for each user. When you want to share a file with a friend, Boxcryptor downloads the public key of your friend, encrypts the file and your friend receives and decrypts the file.

qbi
  • Important point, boxcryptor is closed source http://security.stackexchange.com/questions/63542/can-i-trust-boxcryptor-closed-source-software-encryption-of-files-for-cloud-hos – Antoine F. Jul 15 '16 at 09:42
0

A bit late to the game, but try Turtl. Uses client-side encryption and allows easy sharing/collaboration for both files and notes. Disclosure: I'm the founder.

andrew
0

pCloud Transfer is also a good option. It is a simple system for securely transferring files between two parties. The files get temporarily stored in the "cloud" but you can be sure that they will be unreadable to anyone who doesn't know the password you have to provide your recipient with. It's free and requires no registration to use it. I've been using it for some time now and I'm really happy with it.

Stals