Am 17.06.2013 16:16, schrieb Christoph Schäfer:
Hi all,
I'm curious about the status of the encryption app. I found several discussions
on this on the web regarding server vs client side encryption, especially
starting in the last year. Is there a roadmap or a wiki page on the current
status? I'm very curious on the progress with implementation of client side
encryption.
Further, what are the main differences to Wuala? They promote their solution by
claiming that the user's password never leaves the local client. Will OwnCloud
feature comparable client side encryption in the future as well?
I know the wuala system since a long time.
The work very differently from the ownCloud server based encryption system.
Each user has a unique encryption key which is used to encrypt the files
on disk, before sending them over the wire to the server.
When a file is shared with other members of the wuala cloud, the key of
this additional user is somehow also added to the list of keys which are
able to decrypt the content of the file.
There also exist keys for the user groups in wuala and also for public
and "shared by url" links.
This way the decryption can NOT be done on serverside, or only when one
of the keys which are allowed to decrypt the content would be present on
the server.
The users keys are not stored on the servers, so there is no way to
access the private content on server side.
For real life this has the following advantages and disadvantages when
it comes to security
and security related effects
(I don't list the other dis/advantages, since they are different for
every user)
Pro Wuala:
- Technically very secure system
- No way a server admin or hacked server would compromise your data
Contra Wuala:
- Closed source (No way to check if there are backdors in them, just the
same as with all other non-OS software)
- You need to use the Wuala servers and trust them
- No way to access unshared content from a webfrontend
- No free choice of client, since it uses a proprietary communication to
the servers
André
The technical details about the encryption tree can be found here:
http://dcg.ethz.ch/publications/srds06.pdf
_______________________________________________
Owncloud mailing list
[email protected]
https://mail.kde.org/mailman/listinfo/owncloud
