End-to-End Crypto: File Storage

FileVault for macOS

As part of an ongoing series, we’re highlighting the benefits and advantages of various end-to-end encryption tools for messaging, file storage, and secret management.

When people talk about end-to-end encryption, they’re often talking strictly about messaging: transmitting data from point A to B. The idea is that you encrypt data on one end, send it along through one (or more) trusted (or otherwise) communication channel(s), and the recipient decrypts it at the other end. This helps ensure no one but the intended party can eavesdrop on or manipulate the message.

More often than not, the “ends” in this model are two different individuals trying to communicate securely. In a similar model, though, both ends can be the same individual but in two different periods of time.

File Storage

Instead of thinking of end-to-end encryption with a communication model, think of it with a time model. You are both points A and B. Instead of a separation of distance and communication protocols, you’re dealing with a separation of time and physical access.

We’re protecting long-lived data in this situation, making sure to encrypt it at rest when you’re not using it. The technology to do so is readily available -- some is even built in to operating systems. Let’s look at some options for keeping your files and data safe when you’re not at the computer.

BitLocker / FileVault

We’ve previously walked through the steps required to fully encrypt your primary hard disk using BitLocker (on Windows) or FileVault (on macOS).  These tools are the easiest way possible to protect file storage on your machine.

Both applications protect the entire hard disk between boots; you enter a secret decryption key when booting. This can be the same as the password used to log in, a different key entirely, or even an external key (like a USB drive required at startup). Without the decryption key, the data on your disk is inaccessible to anyone.

Once unlocked, however, your hard disk is fully available; the full disk encryption is entirely transparent to you. You are, in essence, both ends of the encryption for your disk. In the intervening time between when you use your computer, all of the data is safely encrypted and secure.

TrueCrypt / VeraCrypt

TrueCrypt was a third party solution to enable encryption of both the system drive and individual user drives and folders on Windows. When Microsoft dropped support for Windows XP in 2014, TrueCrypt ceased active development. However, many still trust it today to protect various drives and files on their harddisk.

Ceasing development means that TrueCrypt itself potentially contains unpatched security vulnerabilities. However, some developers still recommend TrueCrypt as a stable, secure, independently audited security product.

That being said, a handful of developers actually forked TrueCrypt to create VeraCrypt, which is still in active development today. Like its predecessor, VeraCrypt is available for both Mac and Windows. It’s open source, and allows for encrypting both system drives and individual folders/partitions. Also like its predecessor, VeraCrypt has undergone independent audits and focuses on keeping its source (and its users’ data) safe.

EncFS

EncFS encrypts users’ files and folders at a level beyond the system kernel’s full disk encryption. When EncFS is running, it manages two directories -- one is the real encrypted directory, the other is a mirrored virtual directory containing the decrypted contents.

EncFS encrypts individual files, by translating all requests for the virtual EncFS filesystem into the equivalent encrypted operations on the raw filesystem. (Source)

EncFS is open source and runs atop a filesystem abstraction called FUSE that works with both Linux and Mac. There are also ports of FUSE for Windows, allowing EncFS and other implementations to run just as efficiently regardless of operating system choice.

Keybase

One of the new players in the encryption ecosystem is Keybase, both an application and a directory for cryptography practitioners. The initial release supported the publication, distribution, and verification of PGP keys for things like code signing and encrypted email. Keybase lets anyone publicly claim ownership of their social media accounts and cross-verify that ownership with peers. This makes it easier to identify that the PGP key you think belongs to someone actually does before you use it for secure communication.

Eric Mann's Keybase Profile

My Keybase profile lists my various social identities and my primary PGP key that I use to sign and encrypt email.

The Keybase platform is always growing, though. In addition to PGP verification, Keybase has introduced encrypted peer-to-peer chat and encrypted file storage. With Keybase’s encrypted filesystem, you can write files to the cloud that are signed with your private PGP key. The files are also encrypted with keys unique to the individuals to whom you’ve granted access.

The Keybase servers do not have private keys that can read this data. Nor can they inject any public keys into this process, to trick you into encrypting for extra parties. (Source)

Keybase takes the idea of end-to-end encrypted file storage to the next level by allowing different individuals to be at either “end” of the transfer.

Is it enough?

End-to-end encryption is about more than just messaging and chat. Keeping data safe from point A to point B is important whether the points are different people at the same time, or the same person at different moments in time. Tools like BitLocker and FileVault help protect your system data from manipulation between boots. Tools like VeraCrypt, EncFS, and Keybase help protect your personal files from leaking and manipulation when you’re not using them.

Encryption of real-time messaging and long-lived file storage at rest is a solid start to keeping data safe, but it’s far from the end.

Come back next week for a discussion of protecting data is both real-time and long-lived -- your email.