Cloud Storage Client Side Encryption vs. End-To-End Encryption
I am sure a lot of you have heard of these two concepts, but what's the difference and which one is better? Client-side encryption is the best way to secure your files online within a cloud storage.
Well, they are two entirely different security measures just from the start.
The concept of the End-to-end encryption is that, when there's a communication between two parties, they're the only ones that can access the files. It prevents Internet providers or telecommunication providers to access the conversation or the files since they don't have the decryption keys needed to decrypt the communication.
This kind of protected communication is necessary in telecom services and cloud services. If your company doesn't offer this, there will always be a chance that someone is eavesdropping on your conversation or going through your files.
The real question is how secure is this concept with cloud service? There are multiple ways that this kind of protection could get hacked:
- End-to-end encryption guarantees that information is exchanged safely between endpoints. In any case, in an attempt to break the encryption, a meddler may mimic a message recipient (between key trade or by substituting his open key for the recipient's), so messages are scrambled with a key known to the assailant. This is known as a man-in-the-middle assault.
- Endpoint security - The end-to-end encryption does not specifically address dangers at the endpoints themselves. Every clients' PC can be hacked to take his or her cryptographic key to read the recipients' decoded messages. Indeed, even the most flawlessly encoded correspondence pipe is just as secure as the PC on the other side.
- Backdoors - Often the companies themselves implement backdoors (intentionally or non-intentionally) which can be used to bypass the encryption. In 2013, information leaked by Edward Snowden revealed that Skype had a backdoor which allowed Microsoft to hand over their users' messages to the NSA despite the fact that those messages were officially end-to-end encrypted.
The concept of client-side encryption is different, though. Your data is encrypted locally before it even starts transmitting to the other side. That also means that you are the only one that can open or access your files. This encryption can be used to create the Zero-Knowledge platforms that some of the cloud services use. It's at the moment the best security solution available out there. Security of your files is important therefore it's also relevant which cloud storage you're using.
The best cloud storages that use client-side encryption are listed down below.
pCloud utilises the so-called Crypto Folder to which you can upload your files. Those files are then encrypted by you, and only you have access to them. No one, even pCloud's administrators, will have access to your content. You also have to keep in mind that if you ever forget the password to your Crypto folder all of your files will be lost, since there's no way to open the folder without it.
Sync uses "Zero Knowledge" platform which guarantees your privacy by encrypting and decrypting your data client-side. Moreover, the encryption keys that are used to encrypt your files aren't in the hands of Sync, but only you. Even the password to your account is unknown to them.
Mega is known for its good security protocol. It uses AES encryption to secure files. In addition to that, they don't keep any of your passwords or master keys, only you have access to them. The only way to recover your lost password is with the master key which you receive upon registration. This makes Mega one of the more secure cloud services on the market.
Are you searching for a cloud storage ?
Check our top list and reviews by clicking on the buttons below.
What do you think about "Client-side encryption" ? Share your opinion in the comment section down below!