[Owncloud] Client Side encryption with OwnCloud

Paul Greindl paul.greindl at riseup.net
Fri Oct 25 16:43:39 UTC 2013


Hi Michael!

This is exactly how we thought we'd implement it :)
We'll hopefully start working on this next week!

Cheers


On 2013-10-25 18:20, Michael Grosser wrote:
> The simplest solution in my opinion is to add one functionality to the
> sync client. Having one encrypted/secure folder, which gets synced
> additionally to the usual folders a user wants. All files in the
> encrypted/secured folder will be encrypted/decrypted before the sync
> client uses them. So compatibility won't change really.
>
> secure/* -> encryption -> owncloud/secure/*-encrypted (your layer of
> de-/encrypting)
> owncloud/* -> sync-client -> server (usual sync-client functionality)
>
> This way you don't interfere with the sync functionality or the
> webinterface behaviour.
>
> For the actual encryption I would prefer gpg/pgp like asynchronous
> libs (do not try to reinvent encryption).
>
> Cheers
> Michael (scalbility-junk)
>
> On Fri, Oct 25, 2013 at 5:00 PM, Paul Greindl <paul.greindl at riseup.net> wrote:
>> Hi Klaas!
>>
>> We would try make client side encryption available for each individual file,
>> making it possible to encrypt the files you want while preserving ownClouds
>> web functionality. Then we of course need to be clear about how to use it
>> and what the encryption feature encrypts. But I think it's the best solution
>> for owncloud and leaves the freedom to decide to the user. I don't think
>> that the lack of web interface support for those encrypted files would be a
>> problem for those seeking maximum security, at least if we are clear about
>> it from the beginning.
>>
>> Thanks for your input!
>>
>> Paul
>>
>>
>>
>> On 2013-10-25 16:41, Klaas Freitag wrote:
>>> On 25.10.2013 16:16, Paul Greindl wrote:
>>>> Hi!
>>>>
>>>> That was what I was talking about, we are going to implement it.
>>>> Regarding the value, in our project it actually was a quite often
>>>> requested feature and I personally find it important, too! As I
>>>> mentioned, not all users have the possibility to host their own server.
>>>> That's why we decided to focus on encryption. It's all about security!
>>>>
>>>> What we need is the opinion of the ownCloud and sync app developers as I
>>>> guess they have been thinking about how they would like such a feature
>>>> to be implemented. Also we could check how seafile implemented their
>>>> client side encryption.
>>> Well, you would encrypt every file before you upload it with a local key.
>>> Sounds simple, is probably doable for small files, becomes tricky for larger
>>> files. You must permit uploads through the web interface and webdav.
>>>
>>> I think it does not make too much sense because you loose almost all
>>> features of the ownCloud web interface, such as viewing files, music etc.
>>>
>>> Klaas
>>>
>>>>
>>>> On 2013-10-25 15:47, Bernhard Posselt wrote:
>>>>> Iirc The general opinion was that we focus more on bug fixing than on
>>>>> features that are very likely to come with tons of bugs, are hard and
>>>>> time intensive to implement and add little value to the overall user
>>>>> experience
>>>>>
>>>>> Chris <fisch.666 at gmx.de> schrieb:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> there are some discussion about client-side encryption available at the
>>>>>> bugtrackers:
>>>>>>
>>>>>> https://github.com/owncloud/core/issues/106
>>>>>> https://github.com/owncloud/mirall/issues/275
>>>>>>
>>>>>> but i don't know if there are any real plans for client-side
>>>>>> encryption at
>>>>>> the moment.
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> View this message in context:
>>>>>>
>>>>>> http://owncloud.10557.n7.nabble.com/Client-Side-encryption-with-OwnCloud-tp11109p11110.html
>>>>>>
>>>>>> Sent from the ownCloud mailing list archive at Nabble.com.
>>>>>> _______________________________________________
>>>>>> Owncloud mailing list
>>>>>> Owncloud at kde.org
>>>>>> https://mail.kde.org/mailman/listinfo/owncloud
>>>>> _______________________________________________
>>>>> Owncloud mailing list
>>>>> Owncloud at kde.org
>>>>> https://mail.kde.org/mailman/listinfo/owncloud
>>>>
>>>> _______________________________________________
>>>> Owncloud mailing list
>>>> Owncloud at kde.org
>>>> https://mail.kde.org/mailman/listinfo/owncloud
>>>
>>> _______________________________________________
>>> Owncloud mailing list
>>> Owncloud at kde.org
>>> https://mail.kde.org/mailman/listinfo/owncloud
>>
>> _______________________________________________
>> Owncloud mailing list
>> Owncloud at kde.org
>> https://mail.kde.org/mailman/listinfo/owncloud
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud




More information about the Owncloud mailing list