cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Want to know what we learned at IBC? Check out our learnings on media, remote working and more right here.

Security and Permissions

Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Zero Knowledge Encryption

Zero Knowledge Encryption

PierreLeBear
Helpful | Level 5
Go to solution

I find that many Cloud services offer encryption during transfer to the service and encryption at the destination.   Dropbox does this too.   Unfortunately, the keys used at the destination are available to Dropbox.   What would make Dropbox unique is if it would offer Zero Knowledge encryption at the client.   That way all files are encrypted at the client with the customer retaining the keys.   Why is this important?  There can be bugs during transfer even if encryption is used (remember the famous OOPS with caches on internet servers offering up unencrypted data?). Also, the government can force Dropbox to deliver user data (or it may be compromised by hackers).

Dropbox with Zero Knowledge Encryption would be a market leading solution that would drive a great preference over OneDrive, Google Drive and others.  It would be the only way I would be comfortable putting my files on the cloud.

29 Replies 29

alvolalex
Helpful | Level 5
Go to solution

This is a must have option for every storing OTHER PEOPLE DATA storage.

Else it's law of life privacy violation.

I wait for someone from USA to start a court against such violation done by Microsoft, Dropbox, Google and other "storages".

OurClemonsFamily
New member | Level 2
Go to solution

I'm currently using Dropbox for non-private items.  I'm using iDrive at additional cost to have a private encrypted backup that only I have the encryption key for.  It's on me to know where the key is and have multiple backups in various places.  I have an encrypted copy of the key on Dropbox.

 

You should offer self-control of the encryption key as a user option (all their decision and responsibility) with a list of any services that could be a problem that you use.

Dropitinthebox
Collaborator | Level 8
Go to solution

boxcryptor.com works with Dropbox and can do this for you I believe, which might be a good solution for some?

 

Still, I'm also totally in favor of adding this to Dropbox natively instead of having to rely on a 3rd party solution. And totally agree with the comment made by some of the others that it's an essential option that you'd expect to see in a mature product like Dropbox.

foxclout
New member | Level 2
Go to solution

https://help.dropbox.com/accounts-billing/security/how-security-works

Dropbox doesn't provide for client-side encryption. Dropbox also doesn't support the creation of your own private keys. However, Dropbox users are free to add their own encryption.

 

I'm using Cryptomator, so I lost a few features from Dropbox to gain my privacy. Dropbox Vault is just a folder with an extra password, not encrypted, just password / pin to access it.

 

I tried to create a secret.txt file, write something on it,  "Copy Dropbox Link", and lock my vault, then, I tried to open this copied link to Private Browsing mode, and I can see what is inside secret.txt file without login to any account, such a privacy, right?

 

I still using Dropbox because it can run on multiple OS, I'm using Linux, MacOS, and sometimes Windows, but I consider to move to another provider which have e2e encryption.

Dropitinthebox
Collaborator | Level 8
Go to solution

"Status: Needs more votes" ???

 

I thought 166 votes is a LOT comparing to the number of people who are active in this section of the forum?

How many votes are required?

Whatever2018
New member | Level 2
Go to solution

The number of votes is irrelevant. Companies like Dropbox do not implement features based on user suggestions. They do so via bean counting.

 

Dropbox has over 15 million users that pay a subscription fee and nearly $2 BILLION in revenue.  That subscription payment is a "vote" for the policy of "whatever you do is fine by me."

 

They would need to lose around 1 million subscriptions explicitly due to lack of zero-knowledge encryption before they even considered implementing the idea.

 

Synopsis: If you are paying a fee now, you have already voted that everything is absolutely great and in no need of change.

dreamingenthusiast
Helpful | Level 5
Go to solution

It looks like Dropbox is bringing end-to-end encryption soon to business users but not to non-business users (article link below). Do you or anyone else know of good alternate solutions for end-to-end file system encryption?

 

https://www.techradar.com/news/dropbox-is-bringing-end-to-end-encryption-for-business-users

foxclout
New member | Level 2
Go to solution

Cryptomator and Veracrypt. I'm using Cryptomator, but it's not free on Android and Apple device.

Anyway, I'm free Dropbox user right now, I don't have any plan to back to be paid customer anymore.

MrSquish
New member | Level 2
Go to solution

You can add me to the "Down vote" for not having this option.  They bought out boxcryptor, which many of us used to add the extra layer of encryption, while still being able to use the history and version features within dropbox.  I've been a paid subscriber for years, but without this feature, it's time to move on. 

apfund
Dropbox Product Manager

I wanted to share a quick update with you: 

We have launched our end-to-end encryption in April. More details can be found here and here
High level overview: 
You can now add end-to-end encryption to team folders. The functionality is available for our Advanced, Business Plus and Enterprise customers at no additional costs. 

If there are any questions, please let me know!

Need more support?