Client-side encryption

From HandWiki

Client-side encryption is the cryptographic technique of encrypting data on the sender's side, before it is transmitted to a server such as a cloud storage service.[1] Client-side encryption features an encryption key that is not available to the service provider, making it difficult or impossible for service providers to decrypt hosted data. Client-side encryption allows for the creation of applications whose providers cannot access the data its users have stored, thus offering a high level of privacy.[1] Those applications are sometimes marketed under the misleading term "zero-knowledge".[2]

Details

Client-side encryption seeks to eliminate the potential for data to be viewed by service providers (or third parties that compel service providers to deliver access to data), client-side encryption ensures that data and files that are stored in the cloud can only be viewed on the client-side of the exchange. By remaining encrypted through each intermediary server, client-side encryption ensures that data retains privacy from the origin to the destination server.[3] This prevents data loss and the unauthorized disclosure of private or personal files, providing increased peace of mind for its users.[1]

Current academic scholarship as well as recommendations by industry professionals provide much support for developers to include client-side encryption to protect the confidentiality and integrity of information.[4][5][6]

Examples of cloud storage services that provide client-side encryption are Tresorit, MEGA and SpiderOak. As of February 2016, neither Apple iCloud,[1][7][8] or Dropbox[9] provide client-side encryption. Google Drive and Google Docs[10] released client-side encryption in 2021 thereby becoming the first cloud productivity suite ever and the first major cloud storage platform to productionize client-side encryption. Google followed up by releasing client-side encrypted versions of Google Meet, Google Calendar, and Gmail.[11] As of January 2023, Google Workspace Client-side encryption is not yet available to free users.

See also

References

  1. 1.0 1.1 1.2 1.3 Tunio Gaffer (2015). "Why Client-Side Encryption Is the Next Best Idea in Cloud-Based Data Security". Auerbach Publications. http://www.infosectoday.com/Articles/Client-Side_Encryption.htm. Retrieved February 21, 2016. 
  2. "Spider Oak - Please stop describing your service as "Zero Knowledge" unless and ... | Hacker News". https://news.ycombinator.com/item?id=13303436. 
  3. "What is Client-side Encryption and Why Does It Matter?" (in en-US). 2015-05-25. https://www.virtru.com/blog/client-side-encryption/. 
  4. Deka, Ganesh Chandra (31 October 2014). "3 Security Architecture for Cloud Computing". Handbook of Research on Securing Cloud-Based Databases with Biometric Applications. IGI Global. ISBN 978-1-4666-6560-6. https://books.google.com/books?id=iiKXBQAAQBAJ. Retrieved 21 February 2016. 
  5. Tobias Ackermann (22 December 2012). IT Security Risk Management: Perceived IT Security Risks in the Context of Cloud Computing. Springer Science & Business Media. pp. 136–. ISBN 978-3-658-01115-4. https://books.google.com/books?id=3WFEAAAAQBAJ&pg=PA136. Retrieved 21 February 2016. 
  6. "Communications of the Association for Information Systems 13:Article 24". Cloud Computing Sicherheit: Schutzziele, Taxonomie, Marktübersicht. Fraunhofer-Institut für Sichere Informationstechnologie SIT. 2009. ISBN 978-3-9813317-0-7. https://books.google.com/books?id=JgNUcgAACAAJ. Retrieved 21 February 2016. 
  7. "Does iCloud use client-side encryption?". 30 July 2012. http://apple.stackexchange.com/questions/58508/does-icloud-use-client-side-encryption. Retrieved February 21, 2016. 
  8. Tunio Zaffer (8 April 2015). "Client Side Encryption: The Latest Trend In Cloud Storage". http://dataconomy.com/client-side-encryption-the-latest-trend-in-cloud-storage/. Retrieved February 21, 2016. 
  9. "Can I specify my own private key for my Dropbox?". https://www.dropbox.com/en/help/28. Retrieved February 21, 2016. 
  10. "Client-side encryption and strengthened collaboration in Google Workspace" (in en-US). https://workspace.google.com/blog/product-announcements/new-google-workspace-security-features. 
  11. "Client-side encryption for Gmail available in beta" (in en). http://workspaceupdates.googleblog.com/2022/12/client-side-encryption-for-gmail-beta.html.