End to End Encrypted Cloud Storage Apps

Page content

Introduction

With end to end encrypted cloud storage, file is encrypted before upload to cloud service provider. Only you hold the key to decrypt your files, even service provider can not decrypt your files.

Note: Due to natural of end to end encryption, if you lost your key, there is no way to recover and you can not decrypt your encrypted files.

Hint: If the end to end encryption service provide provide a way to restore your password, that means the service provider store your encryption key somewhere, to avoid data leak avoid those service providers.

Tresorit and Mega are two end to end encryption service claim do not store your encryption key and provide some free storage space to try it out.

Tresorit

Tresorit is the ultra-secure place in the cloud to store, sync and share files easily from anywhere, anytime.

  • Tresorit is based at Swiss, subject to Swiss jurisdiction. Switzerland is renowned for its policy of neutrality and strong data protection laws.
  • AES-CFB mode is used for end to end file encryption. 256bit key. The integrity of the files is protected with HMAC, typically HMAC-SHA-512.
  • Two-Factor Authentication.
  • GDPR compliance.
  • Tresorit provide 3GB free storage.
  • Technical white paper

Mega

Mega provides 50GB end to end encrypted storage for free. It even opensource its source code for public audit.

  • MEGA is based at New Zealand.
  • MEGA owns and controls its server infrastructure directly and does not rely on any third-party VPS provider.
  • No user files are stored in, or made available from, the United States of America.
  • AES-CCM mode is used for end to end file encryption. 128bit key and a nonce of 64 random bits, SHA-256 salt.
  • Two-Factor Authentication.
  • GDPR compliance.
  • 50 GB FREE storage.
  • Opensource client apps. See https://mega.nz/sourcecode or https://github.com/meganz/
  • Its security white paper include technical detail how it encryption works.

Page version: efe0055 2022-02-15