In "Why You Need To Protect Your Data In The Cloud" I explained why it is important to protect data that you upload to the cloud. In this guide, I will show you how to implement one of the suggestions: encryption. I'm using the cloud hosting and synchronization service Dropbox and the Open Source encryption software TrueCrypt for the example. In the end, you should be able to use the same method to protect data with your encryption software and cloud hosting provider of choice.
Let's take a look at the basics first. If you are a free Dropbox user, you get 2 Gigabytes of space. That's usually more than enough to store documents and files in the cloud. Dropbox uses encryption to protect data on their servers from unauthorized access. As I pointed out before, that may not be sufficient considering that the company may decrypt all files in a legal process, which also means there is a chance that an attacker might do the same. (Dropbox has responded to the issue.)
TrueCrypt is Open Source encryption software for Windows, Linux and Macintosh that can encrypt data containers, full hard drives or hard drive partitions. Since we only have a maximum of 2 Gigabytes of storage on Dropbox, we need to create an encrypted container to store our files in.
The basic idea is therefore the following: we create a TrueCrypt container on the local system. The size depends on your preferences; I suggest keeping it as small as possible. If you run out of space you can either increase the size of the TrueCrypt container or create a second container to store additional data in. My suggestion is a maximum size of 500 Megabytes; if you can live with less, select a smaller size. My personal container has a size of 100 Megabytes.
Download the latest version of TrueCrypt from the developer website. Install it and run it after installation. Locate the Create Volume button in the interface and click on it.
Click Next two times on the following screens to create an encrypted file container with a standard TrueCrypt volume (those are the default options). Click Select File and browse to a location where you want to create the new container. Make sure it is not in the Dropbox folder if Dropbox is running. You can name the container any way you want, e.g. holiday2010.avi.
Click Next on the encryption options page unless you want to change the encryption algorithm or hash algorithm. Select the volume size on the next screen. I suggest you keep it at a few hundred Megabytes tops.
You need to enter a secure password on the next screen. It is suggested to use as many characters as possible (24+) with upper and lower case letters, numbers and special characters. The maximum length of a TrueCrypt password is 64 characters.
Now it is time to select the volume format on the next screen. If you only use Windows computers you may want to select NTFS as the file system. If you use others you may be better off with FAT. Move the mouse around a bit and click on Format once you are done with that.
Congratulations, the new TrueCrypt volume has been created.
Move your unmounted new data container to the Dropbox folder. The container, but not its contents since Dropbox cannot access those, will now be synced with your space in the cloud. It can take minutes to hours depending on the upload speed of your Internet connection and the size of the container that you have created.
But this is a one-time transfer. Dropbox will only transfer the changed bits after the first upload. This is theoretically a security risk as well, but exploiting it would require lots of energy and dedication, which means it can usually be neglected for personal data.
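To make the point about changed bits concrete, the following added example (not part of the original guide, and not Dropbox's actual sync code) compares two versions of a container block by block and lists the byte ranges that would be uploaded again. The 4096-byte block size, the function names and the random "container" data are assumptions constructed for the demonstration.

```python
import hashlib
import os

BLOCK_SIZE = 4096  # assumed block size for this demo; real sync clients use larger blocks


def block_hashes(data, block_size=BLOCK_SIZE):
    """Hash each fixed-size block, the way a delta-sync client finds changes."""
    return [hashlib.sha256(data[i:i + block_size]).digest()
            for i in range(0, len(data), block_size)]


def changed_ranges(old, new, block_size=BLOCK_SIZE):
    """Return merged (start, end) byte ranges whose blocks differ between versions.

    This is what the storage side learns from each sync: not the plaintext,
    but where in the container a change happened and how large it was.
    """
    old_h, new_h = block_hashes(old, block_size), block_hashes(new, block_size)
    total = max(len(old), len(new))
    ranges = []
    for idx in range(max(len(old_h), len(new_h))):
        a = old_h[idx] if idx < len(old_h) else None
        b = new_h[idx] if idx < len(new_h) else None
        if a == b:
            continue
        start, end = idx * block_size, min((idx + 1) * block_size, total)
        if ranges and ranges[-1][1] == start:
            ranges[-1] = (ranges[-1][0], end)  # extend the previous contiguous range
        else:
            ranges.append((start, end))
    return ranges


def simulate_edit(container, offset, length):
    """Constructed stand-in for an encrypted write: new random bytes at `offset`."""
    return container[:offset] + os.urandom(length) + container[offset + length:]


if __name__ == "__main__":
    v1 = os.urandom(64 * BLOCK_SIZE)  # constructed "container" as first uploaded
    v2 = simulate_edit(v1, 10 * BLOCK_SIZE + 100, 3 * BLOCK_SIZE)  # a file was saved
    v2 = simulate_edit(v2, 40 * BLOCK_SIZE, 16)  # a small second change
    for start, end in changed_ranges(v1, v2):
        print(f"bytes {start}-{end - 1} changed ({end - start} bytes re-uploaded)")
```

The output contains only offsets and sizes, which is why the exposure is limited to activity patterns rather than file contents.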
You can now mount the container on your local system and use it normally just like any other TrueCrypt volume. You can add, delete or edit files in it. Whenever you unmount it, it gets synced with your Dropbox account. This means that you need to unmount it regularly before you shut down the computer in order to sync the data with Dropbox.
Install TrueCrypt on all your other devices to access the encrypted volume there as well. You can also copy a portable version of TrueCrypt to your Dropbox folder for direct access without installation.
The biggest problem is that you cannot access the encrypted data on Dropbox's web interface anymore. All you see is that one big encrypted container that you cannot access because you cannot run TrueCrypt in the cloud. There is no way around it: you either use the encrypted container for additional security, or trust the standard Dropbox encryption to access the data on the web interface as well.
You also need to make sure to mount the encrypted data container on one computer at a time. Dropbox would otherwise create a copy of the file in the Dropbox folder, which would cause the files to become out of sync.
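A check to run before mounting, as an added example rather than anything from Dropbox or TrueCrypt: it looks for the extra copy Dropbox creates when the container was changed on two computers. The "conflicted copy" file-name pattern is an assumption about how Dropbox names these copies, and the function names, directory and file names are constructed for the demonstration.

```python
import re
import tempfile
from datetime import date
from pathlib import Path

# Assumption: a conflicting version is stored next to the original as
# "<stem> (<who>'s conflicted copy YYYY-MM-DD)<ext>".
CONFLICT_RE = re.compile(
    r"^(?P<stem>.+) \((?P<who>.+?)(?:'s)? conflicted copy "
    r"(?P<day>\d{4}-\d{2}-\d{2})\)(?P<ext>\.[^.]*)?$"
)


def find_conflicts(dropbox_dir, container_name):
    """Return [(path, who, date)] for conflicted copies of the container, newest first."""
    want = Path(container_name)
    hits = []
    for p in Path(dropbox_dir).iterdir():
        m = CONFLICT_RE.match(p.name)
        if not m or not p.is_file():
            continue
        # Only report copies of this container, not of other synced files.
        if m["stem"] == want.stem and (m["ext"] or "") == want.suffix:
            hits.append((p, m["who"], date.fromisoformat(m["day"])))
    return sorted(hits, key=lambda h: h[2], reverse=True)


def safe_to_mount(dropbox_dir, container_name):
    """True only if the container exists and no conflicted copy sits next to it."""
    container = Path(dropbox_dir) / container_name
    return container.is_file() and not find_conflicts(dropbox_dir, container_name)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:  # constructed stand-in for the Dropbox folder
        for name in ("holiday2010.avi",
                     "holiday2010 (LAPTOP's conflicted copy 2011-05-02).avi"):
            (Path(d) / name).write_bytes(b"\0")
        print("safe to mount:", safe_to_mount(d, "holiday2010.avi"))
        for path, who, day in find_conflicts(d, "holiday2010.avi"):
            print(f"conflict from {who} on {day}: {path.name}")
```

If a conflict is reported, mount both files one after the other, copy the missing files into the container you want to keep, and delete the other copy.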
If you want that extra bit of security, and want to eliminate the minor chance that someone manages to decrypt your data on Dropbox, or that Dropbox decrypts the data for law enforcement, then your best bet is third party encryption of the data. It may sound complex and complicated to set up, but it is a straightforward process that's done in less than five minutes.