6

Consider the following scenario:

I use a cloud service that is not considered secure (meaning no encryption whatsoever) i.e. Dropbox, OneDrive, Google Drive etc. In my account I have a .zip or .7z file that is encrypted using a very strong password. For the sake of argument, let's say that I used PeaZip to create this file.

My question is: How safe should I feel? In the case where my account is breached, should I feel safe that this particular file will not be breached (bearing in mind that the password is indeed unique and very very strong). Is this kind of measure acceptable if one cares about his/her privacy?

Aventinus
  • This is generally the point of using encrypted zip files - they are designed so you can pass them around over insecure channels, or leave them in insecure locations. Assuming no flaws in the encryption, and no daft mistakes like putting the password in a text file in the same place, the only way to get access to the file contents should be brute force. Zip encryption by default allows access to the filenames, though, which can be a problem in some cases. – Matthew Jun 07 '16 at 15:20
  • "Zip encryption by default allows access to the filenames". This can be solved by using a zip inside a zip :) Right? *paranoid look* – Aventinus Jun 07 '16 at 15:33
  • @Aventinus in what context? "zip file with strong password" for your holiday photos... sure, why not. "zip file with strong password" for storing confidential company information (or worse, PCI-DSS or other regulated data)... no way! – Little Code Jun 07 '16 at 20:06

2 Answers

7

Privacy and confidentiality are different things...

A Zip file, even encrypted, is still there, and onlookers may observe not only the archive presence, name and size, but also the individual names and sizes of files within the archive, because these are not encrypted.

Traditional Zip encryption is weak and can be broken within a few minutes, regardless of how strong the password is — a good example of why homemade ciphers are an abomination. Some Zip-aware software can do better (e.g. with AES), but this may limit interoperability. For instance, Windows's explorer cannot open Zip archives encrypted with something other than the weak traditional stream cipher.

The normal, pervasive defence system of most people is to be utterly boring, thus making it unlikely that any potential attacker would bother trying to unlock their secrets. Yet, if you believe that a hostile adversary may actually try to learn your data and has access to your files stored in your cloud service, then you might consider making an unencrypted Zip archive, then encrypting that archive as a whole with GnuPG. GnuPG, among its many options, can do password-based symmetric encryption (with the -c command-line option) and does it reasonably well. The presence and size of the archive will still be known to eavesdroppers, as well as the archive file name, but archive contents, including individual file names and sizes, will be protected.

Thomas Pornin
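Added example, not part of the original answer: a Python sketch that reads a Zip central directory with no password, showing that entry names and sizes are exposed and distinguishing traditional encryption from AES. The sample archive and its file names are constructed: it is a plain Zip built in memory whose header fields are patched to mark the entries as encrypted, since only the metadata matters here.

```python
import io
import struct
import zipfile

CD_FMT = "<4s6H3L5H2L"  # central directory file header (46 bytes)
CD_LEN = struct.calcsize(CD_FMT)

def central_directory(data):
    """Yield (offset, flags, method, name, size) per entry; no password needed."""
    eocd = data.rfind(b"PK\x05\x06")  # end-of-central-directory record
    if eocd < 0:
        raise ValueError("not a zip archive")
    total, _size, pos = struct.unpack_from("<H2L", data, eocd + 10)
    for _ in range(total):
        f = struct.unpack_from(CD_FMT, data, pos)
        if f[0] != b"PK\x01\x02":
            raise ValueError("corrupt central directory")
        name = data[pos + CD_LEN:pos + CD_LEN + f[10]].decode("utf-8", "replace")
        yield pos, f[3], f[4], name, f[9]
        pos += CD_LEN + f[10] + f[11] + f[12]  # skip name, extra field, comment

def audit(data):
    """Return (name, uncompressed size, encryption scheme) for every entry."""
    report = []
    for _pos, flags, method, name, size in central_directory(data):
        if not flags & 0x1:          # general-purpose bit 0: entry is encrypted
            scheme = "none"
        elif method == 99:           # method 99 marks WinZip-style AES entries
            scheme = "AES"
        else:
            scheme = "traditional"
        report.append((name, size, scheme))
    return report

def constructed_sample():
    """Constructed input: plain zip with header fields patched (see lead-in)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("payroll-2016.xlsx", b"x" * 1200)
        zf.writestr("notes.txt", b"y" * 40)
    data = bytearray(buf.getvalue())
    for n, (pos, flags, *_rest) in enumerate(list(central_directory(bytes(data)))):
        struct.pack_into("<H", data, pos + 8, flags | 0x1)   # set encrypted bit
        if n == 0:
            struct.pack_into("<H", data, pos + 10, 99)       # first entry: AES
    return bytes(data)

if __name__ == "__main__":
    for row in audit(constructed_sample()):
        print(row)
```

Running the same audit on a file produced by encrypting the whole archive with GnuPG, as the answer suggests, fails at the first step because no Zip structure is visible at all.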
1

Dropbox and others have encryption by default, but if your account has been compromised, you have lost one layer of security.

Are you familiar with the concept of "security in depth"? It means that you need to add layer after layer (like an onion) to feel more secure.

Maybe what you need is a very strong password to secure your Dropbox account. Then you need to encrypt your .7z files with another very strong key. Then you need to encrypt the encrypted files too, and do not tell anyone that you have this account or these files on that cloud. And so on... layer after layer.

Like always, it depends on how paranoid you woke up today.

  • IMO, the dropbox admins are the people you are trying to protect your data from, so any encryption offered by dropbox is worth roughly nothing. – Mike Ounsworth Jun 07 '16 at 15:28
  • "it depends on how paranoid you woke up today". Exactly. I feel very paranoid today but imo the key is to balance security with practicability. Security in depth sounds awesome at first and then not so much when you need a certain file twice or thrice a day. – Aventinus Jun 07 '16 at 15:32
  • 1
    Yeah, you need to find the balance between paranoia and practicability. If you are too paranoid, you don't trust your browser (Chrome especially), you don't trust your cloud provider, and you don't trust your ISP or your WiFi connection (maybe it has been hacked). So, where to draw the line? It depends on how valuable your data is. – Rodrigo Calvo Jun 07 '16 at 15:39
  • Dropbox uses deduplication techniques, so it cannot really securely encrypt data at rest. What it does is standard link/transport encryption via HTTPS/TLS. Dropbox can and did access users' files. All big US companies already snitch on users if their files match hashes of child porn. – Arc Jun 11 '16 at 04:07
  • Yeah, but the content is still encrypted for anyone outside Dropbox. – Rodrigo Calvo Jun 11 '16 at 05:21
  • @Archimedix No matter what 3rd party cloud you use, their system admin will have access to the raw files - they have to. Companies will not readily give out users' information unless a warrant has been handed to them. Facebook for example can give out the info, but it needs to be highly scoped (like this post on this day at this time) and has a formal warrant. They don't just hand over their whole database – Kellen Stuart Dec 24 '16 at 17:50
  • @KolobCanyon this is why there are third-party products to store encrypted data at Dropbox et al, e.g. Boxcryptor (no idea how good that is though...), and there are even cloud services that promise end-to-end encryption with special client software to decrypt incoming data & encrypt data before it hits the net, though that software could be backdoored. Additionally, cloud services can be designed such that admins only have access to encrypted data but no keys while support has no access to data but have decryption privileges so that no single person can access data. – Arc Dec 24 '16 at 18:10