Client-side encryption


Client-side encryption is the cryptographic technique of encrypting data on the sender's side, before it is transmitted to a server such as a cloud storage service. [1] Client-side encryption features an encryption key that is not available to the service provider, making it difficult or impossible for service providers to decrypt hosted data. Client-side encryption allows for the creation of applications whose providers cannot access the data their users have stored, thus offering a high level of privacy. [1] Those applications are sometimes marketed under the misleading term "zero-knowledge". [2]


Details

Client-side encryption seeks to eliminate the potential for data to be viewed by service providers (or third parties that compel service providers to deliver access to data). It ensures that data and files that are stored in the cloud can only be viewed on the client side of the exchange. By remaining encrypted through each intermediary server, the data retains its privacy from the origin to the destination server. [3] This prevents data loss and the unauthorized disclosure of private or personal files, providing increased peace of mind for its users. [1]

Current academic scholarship, as well as recommendations by industry professionals, provides much support for developers including client-side encryption to protect the confidentiality and integrity of information. [4] [5] [6]
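The exchange described above, as an added example that is not code from any of the services or sources this page names. It assumes Node.js, AES-256-GCM with an scrypt-derived key (the page prescribes no algorithm), and a hypothetical in-memory `providerStore` standing in for the provider; all function names and the sample data are constructed for illustration.

```javascript
const nodeCrypto = require("node:crypto");

// Stand-in for the provider (hypothetical): it stores whatever the client uploads.
const providerStore = new Map();

// Client only: derive a 256-bit key from the passphrase. The key is never uploaded.
function deriveKey(passphrase, salt) {
  return nodeCrypto.scryptSync(passphrase, salt, 32);
}

// Client: encrypt, then upload. Salt, nonce and tag are not secret.
function encryptAndUpload(name, plaintext, passphrase) {
  const salt = nodeCrypto.randomBytes(16);
  const nonce = nodeCrypto.randomBytes(12); // fresh for every encryption
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", deriveKey(passphrase, salt), nonce);
  cipher.setAAD(Buffer.from(name)); // bind the blob to its object name
  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  providerStore.set(name, { salt, nonce, ciphertext, tag: cipher.getAuthTag() });
}

// Client: download, authenticate, decrypt. Throws on a wrong key or a modified blob.
function downloadAndDecrypt(name, passphrase) {
  const { salt, nonce, ciphertext, tag } = providerStore.get(name);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", deriveKey(passphrase, salt), nonce);
  decipher.setAAD(Buffer.from(name));
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]).toString("utf8");
}

function isRejected(name, passphrase) {
  try { downloadAndDecrypt(name, passphrase); return false; } catch { return true; }
}

// Constructed sample data; runs the whole exchange and reports what each side can do.
function demo() {
  const secret = "constructed sample: Q3 salary review notes";
  encryptAndUpload("notes.txt", secret, "correct horse battery staple");
  const blob = providerStore.get("notes.txt");
  const providerView = Buffer.concat([blob.salt, blob.nonce, blob.ciphertext, blob.tag]);
  const result = {
    providerSeesPlaintext: providerView.includes(Buffer.from("salary")),
    roundTrip: downloadAndDecrypt("notes.txt", "correct horse battery staple") === secret,
    wrongPassphraseRejected: isRejected("notes.txt", "guess"),
  };
  blob.ciphertext[0] ^= 1; // provider-side modification of one bit
  result.tamperRejected = isRejected("notes.txt", "correct horse battery staple");
  return result;
}
```

The authenticated mode is what covers integrity as well as confidentiality: a blob altered while in the provider's hands fails decryption instead of yielding corrupted plaintext.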

Examples of cloud storage services that provide client-side encryption are Tresorit, MEGA and SpiderOak. As of February 2016, neither Apple iCloud [1] [7] [8] nor Dropbox [9] provides client-side encryption. Google Drive and Google Docs [10] released client-side encryption in 2021, thereby becoming the first cloud productivity suite ever and the first major cloud storage platform to productionize client-side encryption. Google followed up by releasing client-side encrypted versions of Google Meet, Google Calendar, and Gmail. [11] As of January 2023, Google Workspace client-side encryption is not yet available to free users.


Related Research Articles

Gmail: Email service provided by Google

Gmail is a free email service provided by Google. As of 2019, it had 1.5 billion active users worldwide. A user typically accesses Gmail in a web browser or the official mobile app. Google also supports the use of email clients via the POP and IMAP protocols.

End-to-end encryption (E2EE) is a security method that keeps your chats and messages secure. End-to-end encryption is a system of communication where only the users communicating can read the messages. In principle, it prevents potential eavesdroppers – including telecom providers, Internet providers, malicious actors, and even the provider of the communication service – from being able to access the cryptographic keys needed to decrypt the conversation.

A file-hosting service, cloud-storage service, online file-storage provider, or cyberlocker is an internet hosting service specifically designed to host user files. It allows users to upload files that could be accessed over the internet after a user name and password or other authentication is provided. Typically, the services allow HTTP access, and sometimes FTP access. Related services are content-displaying hosting services, virtual storage, and remote backup.

The following tables compare general and technical information for a number of notable webmail providers who offer a web interface in English.

Google Workspace is a collection of cloud computing, productivity and collaboration tools, software and products developed and marketed by Google. It consists of Gmail, Contacts, Calendar, Meet and Chat for communication; Currents for employee engagement; Drive for storage; and the Google Docs Editors suite for content creation. An Admin Panel is provided for managing users and services. Depending on edition Google Workspace may also include the digital interactive whiteboard Jamboard and an option to purchase such add-ons as the telephony service Voice. The education edition adds a learning platform Google Classroom and today has the name Workspace for Education.

Email encryption is encryption of email messages to protect the content from being read by entities other than the intended recipients. Email encryption may also include authentication.

Cloud storage is a model of computer data storage in which the digital data is stored in logical pools, said to be on "the cloud". The physical storage spans multiple servers, and the physical environment is typically owned and managed by a hosting company. These cloud storage providers are responsible for keeping the data available and accessible, and the physical environment secured, protected, and running. People and organizations buy or lease storage capacity from the providers to store user, organization, or application data.

SpiderOak

SpiderOak is a US-based collaboration tool, online backup and file hosting service that allows users to access, synchronize and share data using a cloud-based server, offered by a company of the same name. Its first offering, its online backup service later branded "SpiderOak ONE", launched in December 2007. SpiderOak is accessible through an app for Windows, Mac and Linux computer platforms, and Android, N900 Maemo and iOS mobile platforms.

Backblaze, Inc. is an American cloud storage and data backup company based in San Mateo, California. Founded in 2007 by Gleb Budman, Billy Ng, Nilay Patel, Brian Wilson, Tim Nufire, Damon Uyeda, and Casey Jones, its two main products are their B2 Cloud Storage and Computer Backup services, targeted at both business and personal markets.

This is a comparison of online backup services.

Cloud computing: Form of shared Internet-based computing

Cloud computing is the on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. Large clouds often have functions distributed over multiple locations, each of which is a data center. Cloud computing relies on sharing of resources to achieve coherence and typically uses a "pay as you go" model, which can help in reducing capital expenses but may also lead to unexpected operating expenses for users.

Cloud computing security or, more simply, cloud security refers to a broad set of policies, technologies, applications, and controls utilized to protect virtualized IP, data, applications, services, and the associated infrastructure of cloud computing. It is a sub-domain of computer security, network security, and, more broadly, information security.

Google Drive is a file storage and synchronization service developed by Google. Launched on April 24, 2012, Google Drive allows users to store files in the cloud, synchronize files across devices, and share files. In addition to a web interface, Google Drive offers apps with offline capabilities for Windows and macOS computers, and Android and iOS smartphones and tablets. Google Drive encompasses Google Docs, Google Sheets, and Google Slides, which are a part of the Google Docs Editors office suite that permits collaborative editing of documents, spreadsheets, presentations, drawings, forms, and more. Files created and edited through the Google Docs suite are saved in Google Drive.

eM Client: Desktop email client for Windows and Mac

eM Client is a Windows and macOS based email client for sending and receiving emails, managing calendars, tasks, contacts, and notes. Live chat is integrated as well. It was developed as a user-friendly alternative to existing email clients and calendar solutions.

Tresorit is a cloud storage service with end-to-end encryption.

ProtonMail: End-to-end encrypted email service

Proton Mail is an end-to-end encrypted email service founded in 2013 in Geneva, Switzerland. It uses client-side encryption to protect email content and user data before they are sent to Proton Mail servers, unlike other common email providers such as Gmail and Outlook.com. The service can be accessed through a webmail client, the Tor network, or dedicated iOS and Android apps.

Cloud computing has become a social phenomenon used by most people every day. As with every important social phenomenon, there are issues that limit its widespread adoption. At present, cloud computing is seen as a fast-developing area that can instantly supply extensible services over the internet with the help of hardware and software virtualization. The biggest advantage of cloud computing is the flexible lease and release of resources as the user requires. Other benefits include improved efficiency and lower operating costs. It also cuts the high cost of hardware and software. Although there are numerous benefits to adopting the latest cloud technology, there are still privacy issues involved in cloud computing, because in the cloud the data can at any time leak from the service provider, and the information can be deleted purposely. The security issues related to cloud computing fall into two broad categories: first, the cloud security issues that cloud providers face; second, the cloud security issues that customers experience.

Peerio was a cross-platform end-to-end encrypted application that provided secure messaging, file sharing, and cloud file storage. Peerio was available as an application for iOS, Android, macOS, Windows, and Linux. Peerio (Legacy) was originally released on 14 January 2015, and was replaced by Peerio 2 on 15 June 2017. The app is discontinued.

NordLocker is a file encryption software integrated with end-to-end encrypted cloud storage. It is available on Windows and macOS. NordLocker is developed by Nord Security, a company behind the NordVPN virtual private network, and is based in the UK and the Netherlands.

Skiff is an end-to-end encrypted email service and collaboration tool. It launched in 2021 and was developed in San Francisco, California.

References

  1. Tunio Gaffer (2015). "Why Client-Side Encryption Is the Next Best Idea in Cloud-Based Data Security". Information Security Today. Auerbach Publications. Archived from the original on January 16, 2016. Retrieved February 21, 2016.
  2. "Spider Oak - Please stop describing your service as "Zero Knowledge" unless and ... | Hacker News". news.ycombinator.com. Retrieved 2018-07-16.
  3. "What is Client-side Encryption and Why Does It Matter?". Virtru. 2015-05-25. Retrieved 2021-05-05.
  4. Deka, Ganesh Chandra (31 October 2014). "3 Security Architecture for Cloud Computing". Handbook of Research on Securing Cloud-Based Databases with Biometric Applications. IGI Global. ISBN 978-1-4666-6560-6. Retrieved 21 February 2016.
  5. Tobias Ackermann (22 December 2012). IT Security Risk Management: Perceived IT Security Risks in the Context of Cloud Computing. Springer Science & Business Media. pp. 136–. ISBN 978-3-658-01115-4. Retrieved 21 February 2016.
  6. "Communications of the Association for Information Systems 13:Article 24". Cloud Computing Sicherheit: Schutzziele, Taxonomie, Marktübersicht. Fraunhofer-Institut für Sichere Informationstechnologie SIT. 2009. ISBN 978-3-9813317-0-7. Retrieved 21 February 2016.
  7. "Does iCloud use client-side encryption?". Stack Overflow. 30 July 2012. Retrieved February 21, 2016.
  8. Tunio Zaffer (8 April 2015). "Client Side Encryption: The Latest Trend In Cloud Storage". Dataconomy. Retrieved February 21, 2016.
  9. "Can I specify my own private key for my Dropbox?". Retrieved February 21, 2016.
  10. "Client-side encryption and strengthened collaboration in Google Workspace". Google Workspace Blog. Retrieved 2023-01-24.
  11. "Client-side encryption for Gmail available in beta". Google Workspace Updates. Retrieved 2023-01-24.