
Google recently introduced the client-side encryption functionality in several services of Google Workspace (see https://support.google.com/a/answer/10741897?hl=en).

The purpose of client-side encryption is to encrypt data on the user side, before transmission to the server (such as a cloud service), and without transmitting the encryption key to the server. Hence the server cannot access the decryption key or decrypt the data.

Nevertheless, the server (here Google) provides the encryption/decryption methods to the client (via the browser in the case of Workspace). We must therefore trust Google to implement these functions as expected (i.e. using state-of-the-art encryption algorithms, resistant to cryptanalysis by the US authorities, etc.). In particular, there should be a guarantee of the absence of backdoors in these methods that may leak the key while encrypting/decrypting, and a guarantee that Google cannot be forced by the US authorities to introduce them.

An alternative would be that the encryption/decryption methods are open source and auditable.

Do I get it wrong, or does the client-side encryption provided by Google not guarantee the absence of access to the cryptographic keys by Google?

2 Answers

1

The problem that you describe is known as the 'browser crypto chicken-and-egg problem'.

In other words, if users can't trust Google with their secrets, then how can users trust Google to serve them secure crypto code? If Google wanted to 'go rogue', they could simply program their server to serve a malicious version of their client-side crypto code, which captures the user's private key or the user's plaintext secrets, and sends these back to their server. See the linked page above for more info about this problem, and possible solutions.

mti2935
  • 21,098
  • 2
  • 47
  • 66
0

Google uses SubtleCrypto. This is a set of cryptographic functions supported by all major modern browsers. Google does not implement them. See details in the chapter Technical Architecture.

the server (here Google) provides the encryption/decryption methods to the client (via the browser in the case of Workspace)

This statement is not correct. The code of Google accesses the WebCrypto API, SubtleCrypto, to perform cryptographic operations that they need.

there should be a guarantee of the absence of backdoors in these methods that may leak the key

There is no such guarantee. They use Google Tink, which is open source, and that's why we can exclude backdoors in that part. But we cannot say that about the other part of their code.

mentallurg
  • 10,256
  • 5
  • 28
  • 44