I'm planning to store my sensitive files to the cloud. I don't trust the already-made end-to-end encrypted file storage. I only trust TrueCrypt. Assuming that TrueCrypt itself is safe, would it be secure to use DropBox to synchronize in realtime the container file. In this case DropBox will have any small change to this file in their hands. Would this affect the security?
3 Answers
NO, it is not safe. Truecrypt uses the XTS block mode for encryption, which has severe problems when your adversary is able to see snapshots over time of how the data changes. In fact, an article called You Don't Want XTS, intended for software developers to learn when they can and can't use XTS, specifically uses Dropbox as an example of when NOT to use XTS. It would not be the end of the world, resulting in your password being disclosed or something, but it does bring out the worst in XTS.
To quote the article:
Again: XTS works like ECB. It’s deterministic. If you’re looking for the penguins, they’re there, but you have to look for them across time instead of space: successive writes to the same sector-block location will repeat, but encryptions of the same plaintext at different locations will be randomized.
This means that hosting it on Dropbox which will see changes over time will "see the penguins". This also makes it extremely easy to tamper with data in predictable ways. While XTS does not have the same crypto malleability issues as, say, CBC or CTR, it still has some, giving them much greater capabilities than any other attacker:
But whatever margin of safety XTS gets you on physical media probably goes out the window when you stick a Truecrypt volume on Dropbox. From the vantage point of Dropbox, attackers have far more capabilities than the XTS designers planned for.
If you need to host encrypted data on a remote server, you may want to look into duplicity, which in fact supports Dropbox natively. It provides client-side encryption, is very fast, uses incremental, revisioned backups, and signs all transfers. This makes it so that, not only is tampering impossible, but any change to data on the server is in the form of data being added, with the exception of clean-up operations. It's a very useful tool for syncing with remote servers.
I am disappointed that there are already two answers claiming that this is just fine, with no background in cryptography, assuming that because Truecrypt provides confidentiality, it should be completely fine to sync Truecrypt to. They are giving dangerously incorrect advice.
If TrueCrypt is safe then it is also safe on Dropbox if you use a strong password for encryption. However since TrueCrypt only encrypt in a container and cannot encrypt single files it can take a long time to sync the files.
- 7
- 1
-
He mentioned the content file itself, not the files contained inside. Those are an entirely different matter. Syncing them from the container to another location would compromise them. – Overmind Mar 07 '17 at 10:49
No, it would not affect the security.
Any file fragment that is transfered / synced is encrypted by TC, so there is no difference between using that type of sync and just copying the container file somewhere.
So yes, it's secure.
- 8,779
- 3
- 19
- 28
-
Unless you make some very intentional changes to the TC/VC container for testing purposes which may or may not yield any results, there is no practical danger. – Overmind Jul 17 '19 at 05:21