cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
We want to hear from you on accessibility tools and features for Dropbox - get involved in the conversation here.

Security and Permissions

Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Zero Knowledge Encryption

Zero Knowledge Encryption

PierreLeBear
Helpful | Level 5

I find that many Cloud services offer encryption during transfer to the service and encryption at the destination.   Dropbox does this too.   Unfortunately, the keys used at the destination are available to Dropbox.   What would make Dropbox unique is if it would offer Zero Knowledge encryption at the client.   That way all files are encrypted at the client with the customer retaining the keys.   Why is this important?  There can be bugs during transfer even if encryption is used (remember the famous OOPS with caches on internet servers offering up unencrypted data?). Also, the government can force Dropbox to deliver user data (or it may be compromised by hackers).

Dropbox with Zero Knowledge Encryption would be a market leading solution that would drive a great preference over OneDrive, Google Drive and others.  It would be the only way I would be comfortable putting my files on the cloud.

28 Replies 28

PierreLeBear
Helpful | Level 5

You can look at product features via vote, or like Steve Jobs as a strategic decision.  He never worried about market research to drive innovation.  Google would struggle to copy this because they count on sifting through your information to place ads.   You are not encumbered by this with a subscription model.  

Not applicable

Love the idea.

Some applications (joplinapp.org for instance) has support for dropbox but adds an encryption layer before sending the files to Dropbox - meaning that Dropbox does not have access to any keys, only the pre-encrypted data.

I'm not suggesting this as a solution, but zero-knowledge-encryption presents alot of technical challenges - foremost just handling keys in any form for 'normal' users tends to be quite hard; "forgot passphrase - how do I retrieve my data" will tend to skyrocket as a question.

But I would love too see that functionality.


nhflasun16
Explorer | Level 4

I strongly support the idea of zero-knowledge-encryption for documents saved in Drobox.  Without this type of protection, I am reluctant to save any important docs in Dropbox.  I am using Dropbox less and less because this critial feature is not available.

ITConsultingAfrica
Collaborator | Level 10

Hi nhflasun16

 

I did extensive reading about this earlier this week. While I am no expert in zero knowledge encryption, this is what I found out: There are many few cloud providers that do zero knowledge encryption. Reason for that is not so that they can spy on you. It is to provide you with a faster user experience. 

 

Also, Dropbox (and others) integrate with other providers (e.g. Adobe, Zoom, Slack, etc) and if the encryption key is with you, and not with the cloud provider (read Dropbox) then the service offering to you will be slower. 

 

If you do not like that Dropbox has access to your encryption keys, move on, and look at a provider like sync.com or others. 

 

That is my understanding, and I may be wrong. But this is OK with me, as I doubt a Dropbox engineer will want to look at my holiday photos of 2 years ago or whatever. 

 

Regards

 

Casper

FesT
Helpful | Level 6

I completley agree! This would be the a hugh selling point for dropbox!

ConF2_0
Helpful | Level 6

This is the exact idea that I wanted to share! Thank you, @PierreLeBear.  

 

And to @ITConsultingAfrica, I find your ending comments to be rude and unhelpful.  

 

            "If you do not like that Dropbox has access to your encryption

             keys, move on, and look at a provider like sync.com or others. 

             That is my understanding, and I may be wrong. But this is OK

             with me, as I doubt a Dropbox engineer will want to look at my

             holiday photos of 2 years ago or whatever." 

 

No one looks for encryption to protect family photos!  

Those of us who have to work with HIPPA laws are always looking for options to ensure privacy.  Obviously, I have looked elsewhere for this feature, but it would be awesome for me (and obviously others) if Dropbox offered it.

 

Matthias B.4
Explorer | Level 4

I'm a paying dropbox customer for many years. However, I'm now looking for an alternative because it's exactly zero-knowledge encryption that I expect from a cloud storage service.

Matthias B.4
Explorer | Level 4

@ITConsultingAfrica  Thank you I didn't know about sync.com 🙂 I just signed up!

scotia673
New member | Level 2

I just wanted to add here that I too was a Dropbox subscriber (for 6 or 7 years) but I recently switched to Sync.com for the same reason. I have always loved Dropbox's service, but I am no longer comfortable entrusting my private documents without support for this kind of encryption. To be clear, I would happily accept slower sync times and other feature limitations in exchange for this support.

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    MrSquish New member | Level 2
  • User avatar
    foxclout New member | Level 2
  • User avatar
    dreamingenthusiast Helpful | Level 5
  • User avatar
    Whatever2018 New member | Level 2
  • User avatar
    Dropitinthebox Collaborator | Level 8
What do Dropbox user levels mean?