Client-side encryption
Client-side encryption is the cryptographic technique of encrypting data on the sender's side, before it is transmitted to a server such as a cloud storage service.[1] Client-side encryption features an encryption key that is not available to the service provider, making it difficult or impossible for service providers to decrypt hosted data. Client-side encryption allows for the creation of applications whose providers cannot access the data its users have stored, thus offering a high level of privacy.[1]
Applications utilizing client-side encryption are sometimes marketed under the misleading or incorrect term "zero-knowledge",[2] but this is a misnomer, as the term zero-knowledge describes something entirely different in the context of cryptography.
Details
Client-side encryption seeks to eliminate the potential for data to be viewed by service providers (or third parties that compel service providers to deliver access to data), client-side encryption ensures that data and files that are stored in the cloud can only be viewed on the client-side of the exchange. This prevents data loss and the unauthorized disclosure of private or personal files, providing increased peace of mind for its users.[1]
Current recommendations by industry professionals as well as academic scholars offer great vocal support for developers to include client-side encryption to protect the confidentiality and integrity of information. [3][4] [5]
Examples of services that use client-side encryption by default
Examples of services that optionally support client-side encryption
- Apple iCloud offers optional client-side encryption when "Advanced Data Protection for iCloud" is enabled.[10][11]
- Google Drive,[12] Google Docs,[12] Google Meet,[13] Google Calendar,[13] and Gmail[13] — However, as of Jul 2024, optional client-side encryption features are only available to paid users.[14]
Examples of services that do not support client-side encryption
Examples of client-side encrypted services that no longer exist
See also
- End-to-end encryption – the encryption of data between two different clients that are communicating with each other
- Homomorphic encryption
References
- ↑ 1.0 1.1 1.2 Tunio Gaffer (2015). "Why Client-Side Encryption Is the Next Best Idea in Cloud-Based Data Security". Auerbach Publications. http://www.infosectoday.com/Articles/Client-Side_Encryption.htm. Retrieved February 21, 2016.
- ↑ "Spider Oak - Please stop describing your service as "Zero Knowledge" unless and ... | Hacker News". https://news.ycombinator.com/item?id=13303436.
- ↑ Deka, Ganesh Chandra (31 October 2014). "3 Security Architecture for Cloud Computing". Handbook of Research on Securing Cloud-Based Databases with Biometric Applications. IGI Global. ISBN 978-1-4666-6560-6. https://books.google.com/books?id=iiKXBQAAQBAJ. Retrieved 21 February 2016.
- ↑ Tobias Ackermann (22 December 2012). IT Security Risk Management: Perceived IT Security Risks in the Context of Cloud Computing. Springer Science & Business Media. pp. 136–. ISBN 978-3-658-01115-4. https://books.google.com/books?id=3WFEAAAAQBAJ&pg=PA136. Retrieved 21 February 2016.
- ↑ "Communications of the Association for Information Systems 13:Article 24". Cloud Computing Sicherheit: Schutzziele, Taxonomie, Marktübersicht. Fraunhofer-Institut für Sichere Informationstechnologie SIT. 2009. ISBN 978-3-9813317-0-7. https://books.google.com/books?id=JgNUcgAACAAJ. Retrieved 21 February 2016.
- ↑ "What is Tresorit". Tresorit. 2023. https://support.tresorit.com/hc/en-us/articles/216113777-What-is-Tresorit#:~:text=We%20use%20client-side%20encryption,access%20the%20data%20you%20store.
- ↑ "Mega Security Whitepaper". MEGA. 2022. p. 21. https://mega.nz/SecurityWhitepaper.pdf.
- ↑ "Cryptee Security". Cryptee. 2024. https://crypt.ee/security.
- ↑ "Cryptomator Github". Cryptomator. 2024. https://github.com/cryptomator/cryptomator.
- ↑ "Apple advances user security with powerful new data protections". Apple. 2022. https://www.apple.com/newsroom/2022/12/apple-advances-user-security-with-powerful-new-data-protections/.
- ↑ "How to Enable Advanced Data Protection on iOS, and Why You Should". EFF. 2023. https://www.eff.org/deeplinks/2023/05/how-enable-advanced-data-protection-ios-and-why-you-should.
- ↑ 12.0 12.1 "Client-side encryption and strengthened collaboration in Google Workspace" (in en-US). https://workspace.google.com/blog/product-announcements/new-google-workspace-security-features.
- ↑ 13.0 13.1 13.2 "Client-side encryption for Gmail available in beta" (in en). https://workspaceupdates.googleblog.com/2022/12/client-side-encryption-for-gmail-beta.html.
- ↑ "About client-side encryption" (in en). https://support.google.com/a/answer/10741897?hl=en.
- ↑ "Can I specify my own private key for my Dropbox?" (in en-US). https://help.dropbox.com/security/how-security-works#:~:text=Dropbox%20doesn't%20offer%20client,the%20file%20and%20container%20level..
- ↑ "SpiderOak Cross Clave". SpiderOak Cross Clave. 2024. https://crossclave.com.
 |  |
