IDriveSync brings Private Key Encryption to Cloud Storage, Sync and Sharing
February 25, 2013
We know there’s always a concern about privacy when you upload stuff to cloud services. Luckily, we’ve got a way for you to keep your digital goodies under lock and key. Literally.
New accounts with IDriveSync now have the option of Private Key Encryption. This new feature will allow users to encrypt their data with AES-256bit encryption with a key known only to them. That means no-one but you can access it. Not us. Not hackers. Not the government. Not even the Borg.
Well, maybe the Borg, but even they’d have trouble.
Here’s how it works
Think of encrypted data like a jigsaw puzzle. Unencrypted, the puzzle is complete and easy to understand. Encryption jumbles the pieces all up, but puts numbers on the back so they can be reorganized easily. We’re using AES-256 bit encryption, which is basically the most difficult jigsaw puzzle ever devised. Private Key Encryption means those numbers are invisible to everyone, except the person with the key (that’s you!).
How to get started
When you create a new account, you’ll have the option for Default Encryption or Private Key Encryption. (what’s the difference?).
Once you select Private Key Encryption, you’ll be asked to enter a key. The key is like a password; it can be anything you want it to be, but you should keep a copy of it in a safe place or else you’ll lose access to your data. We don’t store your key on our servers, so if you lose it… It’s gone.
You’ll be prompted for that key the next time you log in (See? We told you not to forget it!) so that we can retrieve your data. Otherwise, you’ll only be able to access your account through your connected devices (like the IDriveSync phone or desktop app) if you are already logged in on those devices.
You can create private encrypted accounts from your iOS and Android apps as well.
If it is not stored on our servers, how is it verified?
IDriveSync does not store your private encryption key directly on its servers. We use a special technique to further encrypt your private encryption key so that it can be used only for verification purposes and cannot be retrieved by anyone.
Do we store the key on devices?
On your Mac and Windows machines and mobile devices, your private encryption key is stored encrypted for repeat usage so that you don’t have to provide the key every time you access.
How sharing works
Since your data is stored in an encrypted format with a key known only to you, you cannot share your data as is. However, by allowing us to store an encrypted version of your private key (with explicit permission), seamless sharing of files and folders can be enabled so recipients can access and view data shared with them.
If private key is stored for sharing (with permission), what happens next?
You have the option to clear the encryption key stored for sharing purposes.
After you disable all shared access to your account data from the share management screen on IDriveSync’s website, you will have an option to clear the encryption key from our database. To do this, log in to your account and go to Activity > Shares. From there you can delete all share activity by clicking the beside each shared file or folder.
Once all shares are deleted, you will be presented with an option to clear your encryption key.
APIs now support Private key Encryption
IDriveSync now supports Private Key Encryption for its publicly available APIs as well. Here is an example of a REST API call to upload a file using private encryption.
Syntax for ‘uploadFile’ API:
https:// <server address>/evs/uploadFile
Use getServerAddress API to retrieve the IDriveSync server address.
HTTP method: POST
|id||username or email address|
|pvtkey||private encryption key is an optional parameter and is not required if you opt for the default encryption key during your IDriveSync account sign up|
|p||location (folder path) in your account where the file will get uploaded.|
For more details on APIs, please see IDriveSync APIs.
We think IDriveSync now provides the best option for privacy and security with the username / password based access to cloud storage and sync, and the optional private key encryption. So if you need place to store your top secret information (like, say, a cache of video and pictures of a popular human activity that might raise a few eyebrows if found on your hard drive) with absolute privacy, IDriveSync has you covered. With Out of Box Sync, better performance, better pricing, single link sharing for multiple data items and timeline view for media, we are trying to offer a unique and a compelling solution.
Feel free to share your feedback!