Posted by Kevin on April 4, 2015.
The pressure to allow staff to use cloud storage is enormous. Not only are there strong economic arguments and business benefits, they’re going to do it anyway. So just saying No is not really an option — it’s better to have visibility into what is being used than to attempt to prevent it.
But here’s the problem. If the security team allows cloud storage, it had better understand what it is allowing — and that’s not easy. For example, once something is in the cloud it is impossible to know who else can access it. That means that either you cannot put sensitive data into the cloud, or it must be encrypted.
But encryption is difficult, and is not something you can leave to your own staff to handle alone. For this reason, many cloud providers are beginning to offer encryption as part of their service — but with one major weakness: they control the keys.
The problem here is that such companies will be required to hand over stored data and keys to any legal government request. The obvious example is the NSA in the US; but it would be the same for any government demand in any country in which they operate. In most cases, then, encryption of cloud storage offers some but not complete security.
For encryption to provide what it offers, the keys must not leave the hands of the data owner. Under these conditions, adequately encrypted data can be stored in the cloud anywhere in the world and it will remain secure.
One company now offering such a service is pCloud, based in fortress Switzerland. I spoke to CEO Tunio Zafer (by email) to get more details. Rather than comment on this ‘conversation’, here it is as delivered:
Tunio Zafer, CEO of pCloud
What is your attitude towards governments demanding the personal information of service providers’ customers? With a court order? Without a court order?
We will comply with all government-mandated orders, but due to our (purposefully) limited user information required and stored on our side, there is little information that we can provide them. Our zero-knowledge privacy structure makes it impossible for pCloud staff to access any user information held in the encrypted folders in the accounts. It will be the government’s responsibility to decrypt the files or compel the pCloud user they are questioning to disclose their private passphrase.
Let’s start with the crypto
What is it (standard near-prime, elliptic curve, other)?
4096-bit RSA to encrypt file/folder keys, 256-bit AES to encrypt data, with SHA512 HMACs.
How did you develop the package (what crypto libraries did you use)?
We use OpenSSL’s RSA and low-level AES implementation.
Schneier pointed out years ago that the big difficulty in crypto is the implementation. How can you be sure you’ve got it right?
pCloud was developed by a group of highly-experienced IT specialists who’ve worked in the cloud space for a number of years. We are constantly making updates, and we ran beta versions before it was launched. We are confident that we have got client-side encryption right.
What happens to the files if the user loses his/her key?
pCloud’s zero-knowledge privacy promise stipulates that pCloud administrators cannot have access to private passphrases. If a user loses his/her passphrase, there is nothing we can do. This is why pCloud users must take extra care to choose a passphrase that will not be forgotten.
pCloud enables users to store both encrypted and decrypted files on their cloud account, so users are not required to encrypt all of their data. In fact, encrypting every file you keep in the cloud is unnecessary—not everything you have needs to be confidential. pCloud users have the unique ability to customize their encryption preferences.
Do you conform with all US laws for allowing government access?
We will fully cooperate if the US government wants access to our servers.
Do you categorically confirm that you have built no backdoors into the crypto?
Yes. Our zero-knowledge privacy prevents anyone without the specific passphrase from decrypting user files.
What would you do if presented with a court order to turn over documents?
We will comply with any court orders that are issued.
Why do you call it military-grade?
Our encryption keys are enormous — it’s like 10 to the power of 76 (this is a pretty big number even compared to the age of the universe, which is like 4×10^26 when expressed in nanoseconds). Our zero-knowledge privacy feature will also ensure that files cannot be decrypted at any point.
Are the majority of your users private individuals who take the free package?
At this point, the average pCloud user is a private individual who takes the free package. We are currently offering a free trial to all of our users, and we expect to see a significant interest in the paid Crypto package after users try it out. As we develop our business-user capabilities, we expect to see a large increase in the number of users purchasing our Premium storage plans and the Encryption plan. Our storage plans are some of the largest and most affordable on the market, so we are confident our users will see upgrading as a wise investment in their file security.
What type of consumer takes a paid-for crypto package? Celebrities, journalists, dissidents, others?
Our target audience is any individual who has personal information that they want to keep private. To give an analogy, pCloud Crypto is perfect for those files that you would keep in a safe; things like sensitive bank, credit card, social security, or sensitive health care information. Anything you would shred in paper form should be stored in pCloud Crypto.
Extreme use case
Let’s say a dissident fighting for freedom and liberty in some tin-pot third-world dictatorship (let’s call it Britain) uses you to store highly sensitive anti-government files securely.
i) What would you do if Cameron gets his wish to ban the use of crypto in the UK?
We will probably be unable to provide encryption to UK-based customers.
ii) What would you do if the FBI gets the same wish in the USA?
We will probably be unable to provide encryption to USA-based customers.
iii) If said dissident manages to save the files to your cloud drive just as the Met hammers on his door, they can obviously confiscate his computer, but could they find remnants of the files on that computer?
The pCloud Drive would use the user’s hard drive to cache some of the data. For encrypted files, only encrypted copies of the files are stored in the cache, not the plaintext ones.
Unless the passphrase is discovered, there will be no way for anyone to recover the files.
iv) Is the passphrase stored on the user’s PC?
No, unless the user saves the passphrase on his computer in a decrypted document.
I would imagine that business is your biggest target market (let me know if it’s something else). So, as a hypothetical use case, let’s assume an international group of 5 academic researchers in 5 different countries. The source files include PII, so encryption would ensure regulatory compliance in the majority of jurisdictions. But the researchers all need to work on the same files.
This is a scenario that we will be able to accommodate with an upcoming addition to pCloud Crypto. Our next feature is shared cryptography that will enable users to share encrypted files. Each user will have their own encryption passphrase. With their passphrases, each user will be able to open and work on the files in the encrypted folder. We plan to roll out this feature in the next few months.
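The interview describes the scheme only in outline: RSA to encrypt per-file keys, AES-256 for the data, SHA512 HMACs for integrity, and (in the planned sharing feature) each collaborator opening the same encrypted file with their own key. The block below is an added example written for this article, not pCloud’s code, and it uses Go’s standard library rather than OpenSSL. Where the interview is silent I have made choices and marked them as assumptions: RSA-OAEP with SHA-512 for key wrapping, AES in CTR mode with encrypt-then-MAC (HMAC-SHA512 over IV and ciphertext), a hypothetical OAEP label, and a `ShareFile` routine that re-wraps the per-file keys to a second public key. The point it demonstrates is what a provider (or anyone who obtains the stored blob under a court order) actually holds: wrapped keys it cannot open, and a ciphertext whose every bit is covered by the MAC.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha512"
	"errors"
	"fmt"
)

type Sealed struct{ IV, CT, Tag []byte } // encrypt-then-MAC: AES-256-CTR ciphertext, HMAC-SHA512 over IV||CT

// Envelope is one stored file. Only this leaves the client; the provider never sees the keys or plaintext.
type Envelope struct {
	WrappedKeys []byte // RSA-OAEP(SHA-512) over encKey||macKey (64 random bytes)
	Data        Sealed
}

var oaepLabel = []byte("demo-file-keys") // hypothetical OAEP label, not a pCloud value

// randBytes draws n bytes from the OS CSPRNG; a failing CSPRNG is not recoverable, so it panics.
func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// sealBytes encrypts with AES-256-CTR under a fresh IV, then MACs IV||ciphertext with HMAC-SHA512.
func sealBytes(encKey, macKey, plaintext []byte) (Sealed, error) {
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return Sealed{}, err
	}
	iv, ct := randBytes(aes.BlockSize), make([]byte, len(plaintext))
	cipher.NewCTR(block, iv).XORKeyStream(ct, plaintext)
	mac := hmac.New(sha512.New, macKey)
	mac.Write(iv)
	mac.Write(ct)
	return Sealed{IV: iv, CT: ct, Tag: mac.Sum(nil)}, nil
}

// openBytes verifies the MAC in constant time before decrypting; any change to IV or CT is rejected.
func openBytes(encKey, macKey []byte, s Sealed) ([]byte, error) {
	mac := hmac.New(sha512.New, macKey)
	mac.Write(s.IV)
	mac.Write(s.CT)
	if !hmac.Equal(mac.Sum(nil), s.Tag) {
		return nil, errors.New("authentication failed: IV or ciphertext was modified")
	}
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(s.CT))
	cipher.NewCTR(block, s.IV).XORKeyStream(pt, s.CT)
	return pt, nil
}

// EncryptFile draws fresh AES and HMAC keys for this one file and wraps them to the owner's public key.
func EncryptFile(pub *rsa.PublicKey, plaintext []byte) (Envelope, error) {
	keys := randBytes(64)
	sealed, err := sealBytes(keys[:32], keys[32:], plaintext)
	if err != nil {
		return Envelope{}, err
	}
	wrapped, err := rsa.EncryptOAEP(sha512.New(), rand.Reader, pub, keys, oaepLabel)
	return Envelope{WrappedKeys: wrapped, Data: sealed}, err
}

// DecryptFile unwraps the per-file keys (possible only with the matching private key), then verifies and decrypts.
func DecryptFile(priv *rsa.PrivateKey, env Envelope) ([]byte, error) {
	keys, err := rsa.DecryptOAEP(sha512.New(), rand.Reader, priv, env.WrappedKeys, oaepLabel)
	if err != nil {
		return nil, err
	}
	return openBytes(keys[:32], keys[32:], env.Data)
}

// ShareFile re-wraps the same per-file keys to a collaborator's public key; the bulk ciphertext is reused unchanged.
func ShareFile(owner *rsa.PrivateKey, env Envelope, recipient *rsa.PublicKey) (Envelope, error) {
	keys, err := rsa.DecryptOAEP(sha512.New(), rand.Reader, owner, env.WrappedKeys, oaepLabel)
	if err != nil {
		return Envelope{}, err
	}
	wrapped, err := rsa.EncryptOAEP(sha512.New(), rand.Reader, recipient, keys, oaepLabel)
	return Envelope{WrappedKeys: wrapped, Data: env.Data}, err
}

func main() {
	owner, _ := rsa.GenerateKey(rand.Reader, 4096) // key size stated in the interview
	env, _ := EncryptFile(&owner.PublicKey, []byte("constructed sample: account 0000-1111"))
	pt, err := DecryptFile(owner, env)
	fmt.Printf("recovered %q, err=%v\n", pt, err)
}
```

Two design points map directly onto the interview. First, the private key never appears in `Envelope`; in a real client it would itself be stored only encrypted under the user’s passphrase, which is exactly why “if a user loses his/her passphrase, there is nothing we can do”. Second, `ShareFile` shows why the planned shared-folder feature does not require re-encrypting data: only the 64 bytes of per-file keys are re-wrapped for each collaborator, and a flipped bit anywhere in the stored ciphertext fails the HMAC check before any decryption is attempted.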