0

The recent saga of big techs gaining access to user photos, voice chats or listening to people's conversation (Google Home and Amazon Echo) has made people nervous about privacy. However, the importance of the accessibility of the data from anywhere and whenever the user wants can also be not underestimated.

My question is how can we ensure that we are able to not only protect user's privacy by encrypting the data so that not even the website owners have any access to it, but at the same time the user is still able to access it from anywhere, thus keeping the flexibility of cloud?

schroeder
  • 125,553
  • 55
  • 289
  • 326
Aftab Naveed
  • 101
  • [Keybase](https://en.wikipedia.org/wiki/Keybase) is an example of such an end-to-end encrypted system. And if you're using their app it's great. But 'flexibility of cloud' implies allowing browser-based access, and their browser access is [reportedly vulnerable](https://palant.info/2018/09/06/keybase-our-browser-extension-subverts-our-encryption-but-why-should-we-care/) to attack. – gowenfawr Aug 20 '21 at 14:41

2 Answers2

1

I believe you are talking about End to End encryption.

It is possible to encrypt data inside the clients browser via a password or a pub/priv keypair that is stashed in local storage. This would allow for data to be encrypted on the client computer and then stashed on the server in such a way that it couldn't be decrypted from the server side (kindof).

The problem with this is that the server is hosting the algorithm that would encrypt/decrypt the data and it would be trivially easy for them to modify the code at a later date to steal the password or pub/priv key pair.

It might not be the company's intent to do this, but they might hire a rogue actor or be forced to include some "special" code by a nation state.

The only real way for it to be secure is for the encryption to be done via an application that the hosting provider does not have access too. For example you could use pgp to encrypt a file, and then upload that file. Any cryptography that happens in the browser itself (aside from the https communication channel) should be treated as unsecure.

CaffeineAddiction
  • 7,567
  • 2
  • 21
  • 41
  • Thanks for the answer, Yes. A Chat would be an appropriate example here when a sender sends a message only the sender the receiver has access to it. In my case it is just the user himself will have access to it based on the user/passwd credentials. However, this data will be stored on a server and when the user wants to view it in a different browser or client, it should only be accessible to him the website owners should not have the ability to view it even in the database. If we use private/public key the question now is where do we store that private key? – Aftab Naveed Aug 20 '21 at 05:03
  • "Where do we store the priv key" ... again, you dont. The browser itself should be considered unsecure. The closest thing to what your currently describing is how Bitwarden and Lastpass handle the encryption of passwords. They are in theory about as secure as you can get in a web browser. But even still, if they had a rogue actor inject some malicious code in their websites they could steal the master password and decrypt everything. The short answer to your question is ... you cant be 100% secure. The long answer is ... it depends on what flavor of "good enough" fits your usecase. – CaffeineAddiction Aug 20 '21 at 05:08
  • 1
    +1 OP, WRT `if they had a rogue actor inject some malicious code in their websites they could steal the master password and decrypt everything` - This is known as the 'browser crypto chicken-and-egg problem'. See https://security.stackexchange.com/questions/238441/solution-to-the-browser-crypto-chicken-and-egg-problem for more info, and for some ideas for solutions around this problem. – mti2935 Aug 20 '21 at 10:06
0

Here are working tested solutions:

  1. Either you trust a cloud provider which claims they encrypt files on your side with the key only you know and never get access to anything. Mega.nz is one of such cloud providers, and so far their track record has been stellar: they haven't deanonimized a single file on their platform.

  2. Or you actually encrypt everything yourself before uploading files to the cloud. You can use archivers/compressors like WinRAR or 7-zip, or use solutions like encfs in Linux.

Artem S. Tashkinov
  • 2,217
  • 6
  • 17