How can I encrypt data in cloud storage services like Dropbox?

security encryption dropbox ubuntu-one

Solution 1:

Yes it is possible. The best way to archive this with a per file encryption is with encfs:

The general principle is that you have a (optionally hidden) encrypted folder inside UbuntuOne/Dropbox where your files are stored, but you access them though another folder, where the decrypted files are shown. Any File you add to the decrypted folder will be encrypted and put into the encrypted folder:

Decrypted folder ←encfs→ Encrypted Folder (inside UbuntuOne/Dropbox)

On another computer the encrypted folder is synced by UbuntuOne/Dropbox and can also be decrypted on the fly.

Installation:

  • Install encfs version 1.7 or greater

    sudo apt-get install encfs

  • install gnome-encfs-manager:

    sudo add-apt-repository ppa:gencfsm/ppa
sudo apt-get update && sudo apt-get install gnome-encfs-manager

Setting up the Drive on the first computer:

  • Create a (hidden) directory inside Dropbox/Ubuntu One to use as for the encrypted files
  • Start gnome-encfs-manager and set up a new stash (click on the plus sign)
  • Set the directory to encrypt to a (hidden) folder inside your Dropbox/Ubuntu one folder
  • Set the mount directory wherever you want (default is fine)
  • enter a good password (30 random chars...) and click "Create"
  • edit the new stash so it is mounted on startup and the password is saved in the gnome keyring

You should now have your encrypted drive mounted (it will be displayed like a mounted usb-drive)

Importing the drive on other computers:

  • Wait for all files to sync
  • Start gnome-encfs-manager and set up a new stash
  • Set the directory to the previously created folder inside your Dropbox/Ubuntu
  • encfs-manager will detect the drive and import it
  • Set the mount directory wherever you want (default is fine) and click "Import"
  • edit the new stash as desdribed above
  • you will be asked for your password on first mount

Cross Platform compatibility:

  • This is cross compatible with Android when using Encdroid (open source, recommended) or Cryptonite (open source). Both Android Apps support Dropbox and should also work with UbuntuOne using local folder decryption (in combination with an UbuntuOne client which syncs your files onto the SD Card)
  • This is probably also compatible with windows using encfs4win or other software.

Solution 2:

The only good way to do this is to first encrypt the files locally, then move them to the Ubuntu One folder. If you make an encrypted partition or container and then choose to sync that with Ubuntu One, you risk syncing the unencrypted data. See here for one approach using encFS. It has it's limitations though.

An alternative is SpiderOak, which works like Ubuntu One but encrypts everything before it leaves your machine. They claim they have no way to recover your data if you forget your password, and it even has two-factor authentication. Last I tried it, it would slow down my machine for several minutes after booting while it scanned my drive, but this may have been fixed by now. Also, it's 2GB free vs Ubuntu One's free 5GB.

Here is another Ask Ubuntu post detailing some of the issues you raise.

Solution 3:

I can propose you the Wuala service here: http://www.wuala.com/en as an alternative to Spideroak. Almost same functionalities.

But, if you really want to control the encryption yourself, I can propose you to use Ubuntu One and Déjà-Dup (backup tool) together. You use the server space of Ubuntu One for your data, but you upload the data through Déjà-Dup using a password. Déjà-Dup will encrypt the data with your password. I think this is the best solution: simple and secure.

Solution 4:

You could possibly make use of EncFS (http://www.arg0.net/encfs). Use the Ubuntu One directory to store the encrypted file system, while mounting it somewhere else. For example, using the following setup.

  • ~/Ubuntu One/.encrypted - the hidden encrypted files
  • ~/Ubuntu One (encrypted)/ - the visible decrypted files

This however will make the number of files, directory and file structure, and their sizes visible, so it's not an ultimate solution.

Read here for more details of how to set it up, and here for some basic information about advantages and disadvantages.

Related

Adding Disks With LVM
How to track the total network data in a month [duplicate]
how to stop apache2, mysql from starting automatically as computer starts?
How does Mac Mail's "unsubscribe" feature work?
Can I distribute Xcode at my company internally through configuration management scripts?
How can I install a whole new key (keycap, hinge, membrane) on a 2019 MBP?
How to remove Preview.app on-screen navigation toolbar?
How to make Apple Watch Stop SMS/Message Notifications from Unknown Senders?
How do I have both custom show tv art and custom episode thumbnails?
Is there a quick way to “flatten” an image in iOS
Dual SIM: How to choose phone number when replying to SMS message in Messages
Shortcut to return the cursor to the beginning of the word in text editor