15

I have a Dropbox account subscription so I have a lot of space to use and I basically put everything there. There are some things (personal health / finance) that I want to keep protected myself so I want to use Veracrypt.

What are the best practices I should follow for keeping Veracrypt files on Dropbox? Should I use one large Veracrypt container and put everything there? Should I split up my files into smaller containers? Is there a difference? Is there significant security loss for having an encrypted file that is changing often and its history is potentially recorded by Dropbox?

user668074
  • you may look into this link, https://www.cryfs.org/comparison – arif May 26 '17 at 08:10
    **Do not host an encrypted container using XTS mode on a remote server**, see [this article](https://sockpuppet.org/blog/2014/04/30/you-dont-want-xts/) for an explanation of how this leaks a huge amount of information. – forest Jan 09 '18 at 02:56
  • You might want to look into Cryptomator (https://cryptomator.org/) or rclone (https://rclone.org/) – Mahn Jan 31 '21 at 00:04

4 Answers

5

Unfortunately, I think the answer should be: Don't use a VeraCrypt container with Dropbox, at all.

According to https://www.veracrypt.fr/en/Modes%20of%20Operation.html:

> The mode of operation used by VeraCrypt for encrypted partitions, drives, and virtual volumes is XTS.

And also:

> In 2010, XTS mode was approved by NIST for protecting the confidentiality of data on storage devices [24]. In 2007, it was also approved by the IEEE for cryptographic protection of data on block-oriented storage devices (IEEE 1619).

However, Dropbox is not a regular "storage device" or "block-oriented storage device"!

In conclusion, as long as VeraCrypt is using XTS, it shouldn't be used with Dropbox. Also, see this question Is it safe to have a TrueCrypt container file synced with DropBox? as well as the blog post [You Don't Want XTS](https://sockpuppet.org/blog/2014/04/30/you-dont-want-xts/).

To quote from the latter mentioned blog post:

> Remember that disk encryption is designed to counter an attacker with very limited capabilities. That’s why it falls to “Evil Maids”: the threat model doesn’t really accommodate attackers with multiple bytes at the (physical) apple. But whatever margin of safety XTS gets you on physical media probably goes out the window when you stick a Truecrypt volume on Dropbox. From the vantage point of Dropbox, attackers have far more capabilities than the XTS designers planned for.

finefoot

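The block-level leak that forest's comment and the answer above warn about, as an added example that is not part of any answer on this page: it models the XTS structure (per-sector tweak, per-block tweak multiplication, no chaining) around a stand-in Feistel permutation instead of AES, so it runs with only the standard library. Keys, the sector number and the "finance record" sector contents are constructed; the stand-in permutation is an assumption for illustration, not VeraCrypt's cipher.

```python
import hashlib

SECTOR = 512  # VeraCrypt XTS data units are 512 bytes; one tweak sequence per unit

def _prp(key: bytes, block: bytes) -> bytes:
    """16-byte keyed permutation: 4-round Feistel with SHA-256 as round function.
    Constructed stand-in for AES; only the XTS structure around it matters here."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _mul_alpha(t: bytes) -> bytes:
    """Multiply the 128-bit tweak by alpha in GF(2^128), IEEE 1619 convention."""
    out, carry = bytearray(16), 0
    for i in range(16):
        out[i] = ((t[i] << 1) & 0xFF) | carry
        carry = t[i] >> 7
    if carry:
        out[0] ^= 0x87
    return bytes(out)

def xts_encrypt_sector(key1: bytes, key2: bytes, sector_no: int, plaintext: bytes) -> bytes:
    """XTS: tweak = E_K2(sector_no); block j uses tweak * alpha^j; blocks are independent."""
    assert len(plaintext) == SECTOR
    tweak = _prp(key2, sector_no.to_bytes(16, "little"))
    out = b""
    for j in range(0, SECTOR, 16):
        out += _xor(_prp(key1, _xor(plaintext[j:j + 16], tweak)), tweak)
        tweak = _mul_alpha(tweak)
    return out

def changed_blocks(old_ct: bytes, new_ct: bytes) -> list:
    """What a sync service keeping version history learns: the 16-byte block
    indices whose ciphertext differs between two uploads of the same sector."""
    return [j // 16 for j in range(0, len(old_ct), 16)
            if old_ct[j:j + 16] != new_ct[j:j + 16]]

def demo() -> dict:
    key1, key2 = b"\x11" * 16, b"\x22" * 16  # constructed keys
    record = b"account=main;balance=001000;note=rent".ljust(SECTOR, b"\x00")
    edited = record.replace(b"balance=001000", b"balance=009999")
    ct_v1 = xts_encrypt_sector(key1, key2, 7, record)
    ct_v2 = xts_encrypt_sector(key1, key2, 7, edited)
    reverted = xts_encrypt_sector(key1, key2, 7, record)
    return {"changed": changed_blocks(ct_v1, ct_v2),  # only the block holding the edit
            "revert_visible": ct_v1 == reverted}      # old data gives old ciphertext again

if __name__ == "__main__":
    print(demo())
```

The second flag is the point the blog post makes about version history: because XTS is deterministic per block and sector, an observer with several uploads can tell not just which bytes changed but also when a value was restored to a previous one.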
3

There is something designed for exactly this purpose. It's called a sparse image bundle. This is basically a disk image split into multiple small files, making sync efficient (you do not need to sync the whole image file if something in it changes). These "images" can also be encrypted.

On OSX, you can use disk utility to create such an image. This post describes the details: http://blog.fosketts.net/2015/07/22/how-to-use-mac-os-x-sparse-bundle-disk-images/

I am sure there are solutions for this on other platforms as well.

Daniel Szpisjak

2

I use a large 10 GB Veracrypt container on Dropbox and I don't have any issues with it syncing, as Dropbox uploads data in small chunks. With alternatives such as OneDrive, there is an issue because it has to reupload the entire file every time you make a change.

Even if the Veracrypt container becomes corrupted, you can still access older versions with the version history option.

Dan Bray

1

A large empty container would waste bandwidth. If you absolutely have to use Dropbox instead of a secure encrypted fileserver service, I'd encrypt each batch of uploaded files individually. And since Veracrypt isn't designed for encrypting small numbers of files, I'd just use an encrypted zip file.

Rudy

  • I thought of this, but the disadvantage is that I need to open each file individually then. Also, if I open an encrypted zip file, then depending on where I open it, it might get synced as plaintext. I'm not familiar with any secure encrypted fileserver, Dropbox says they're secure, why would I trust another service over Dropbox? – user668074 Apr 26 '17 at 04:56
  • Also, correct me if I'm wrong, but Veracrypt encrypts in independent sectors so while the initial upload might be large, it will only upload diffs when the container changes, right? – user668074 Apr 26 '17 at 05:08
  • If I correctly remember, encrypted zip did not have a very good reputation... But I do agree with you: Veracrypt is not designed for that use! – Serge Ballesta Apr 26 '17 at 08:14
  • @SergeBallesta, what do you mean when you say Veracrypt is not designed for that use? For use with a cloud sync program? For splitting up folders amongst different Veracrypt container files? – user668074 Apr 26 '17 at 10:01
  • You could try mega.co.nz They make a specific point of not having your keys, and all encryption is done before uploading. It seems to be exactly what you want, encrypted Dropbox. – Rudy Apr 28 '17 at 00:54
  • I'd not trust Mega anymore - `Kim Dotcom: ‘I don’t think your data is safe on Mega anymore’`, that was about two years ago. (e.g. https://thenextweb.com/insider/2015/07/31/kim-dotcom-i-dont-think-your-data-is-safe-on-mega-anymore). Also, if you change one bit in a VeraCrypt container, you have to re-upload the whole container. ZIP encryption shouldn't be trusted, rather use 7z with AES128. – SaAtomic May 26 '17 at 07:02