I thought about using TrueCrypt on my DropBox but then I assumed it would be inefficient, since all the encrypted content would change if I just changed a small portion of the enclosed data. Do you have a configuration proposal that doesn't lead to DropBox having to sync for hours after changing 1KB of my 8GB of encrypted data?
Obviously, encryption of single files (instead of the whole container) would be way better in this case: mounting an image (ie. the container) on multiple computers at once is probably a pretty dangerous thing. So I would rather suggest ecryptfs (for those with a sane OS), although I have admittedly not yet tried it with DropBox.
Using TrueCrypt on DropBox in the way you describe is insecure. It leaves multiple backup copies of your TrueCrypt volume in DropBox's backups, and opens the volume key to discovery (not your passphrase necessarily, unless you change it often, just the volume/session key in the header)...
If you do this, for it to be secure, the volume key needs to change every time you edit it (i.e. you need a new volume for every upload). You should create a new truecrypt volume per "save" (i.e. every time you edit something that is encrypted, create a new truecrypt volume and put it in there and remove the old one) so that the volume/session key changes. Obviously this is more painful than the above.
In short: For stuff you need encrypted, encrypt with GPG from a local copy each time and replace the old one (new session key) or a new TrueCrypt volume (key) per instance of the data.
(PREEMPTIVE NOTE: CHANGING YOUR PASSPHRASE/KEYFILE DOES NOT CHANGE THE VOLUME KEY - I.E. THE KEY THAT THE DATA IS ENCRYPTED WITH.)
Your research appears correct.
I would however argue that using some encryption is better then no encryption.
Total security does not exist. Security eventually amounts to layers of abstraction and obfuscation.
I could gain a bit more security by naming my TrueCrypt volume 'pictures.jpg' vs 'TrueCryptVolume'.
Keep in mind the worse enemy to secure systems is the human element.
HackerNews import
albertzeyer 6 days ago | link
TrueCrypt doesn't really work because you can't mount it from several places at the same time. I looked up for other solutions which allow this (for example by doing the encryption separately for each file; but I could also think about other things). I only found http://www.arg0.net/encfs so far but I didn't tried yet. It does the encryption separately for each file. reply
kijinbear 5 days ago | link
TrueCrypt is OK if you only use Dropbox for backup. But as soon as sync comes into the picture, all hell breaks loose. Remember, a TrueCrypt volume contains an entire file system inside. File systems seriously don't like it when you modify bits and pieces of it from under their feet. You can't use any file in the volume until you've finished using the volume in the other computer. EncFS is somewhat better in terms of sync, because it encrypts each file separately. Here's a nice tutorial: http://pragmattica.wordpress.com/2009/05/10/encrypting-your-... I have ~2.5GB of encrypted files in my Dropbox, and as long as I don't try to edit the same file in two places at the same time, it works like a charm. (Conflicts can be nasty, as another comment says. But it's not as bad as TrueCrypt, because EncFS works per-file.) Editing different files at the same time, on the other hand, is kosher. There are, however, a few other problems with EncFS. First of all, you can't mount an EncFS directory tree from Windows. There's an actively developed Windows port of EncFS out there (which uses Dokan), but I've never been able to get it to work properly. Also, Windows has a maximum path length limit of 260 chars. Since EncFS pads file names with unique IVs and base64 encodes them after encrypting them, you can reach this limit after only 3-4 levels of subdirectories. Paths which are too long for Windows will simply be omitted from the Windows copy of your Dropbox folder. So if you ever treat the Windows copy as an authoritative backup, you're in for a nasty surprise. Linux is OK up to 4096 chars. I'm not sure how OSX does it. Lastly, Dropbox in Linux tends to choke when you add a large number of files with encrypted filenames. It's not uncommon for Dropbox to declare a "case conflict" in that situation when there actually isn't any case conflict. This can seriously damage your EncFS directory tree, because Dropbox adds the phrase "(Case Conflict 1)" to random files and folders. An easily solution is to stop Dropbox, add the files, and restart Dropbox again. But this can get annoying after a while. reply
bobds 5 days ago | link
That didn't sound completely right, so I checked it out. You can have a path with ~32k characters actually. http://msdn.microsoft.com/en-us/library/aa365247%28VS.85%29.... I know that not all software supports those long file/path names, so yeah, you are probably in for some surprises. reply
kijinbear 5 days ago | link
Yes, it's possible to use up to 32K characters in the path if you use the "\?\" prefix. Support for this feature may be hit-or-miss, though, so I wouldn't count on it. reply
cookiecaper 6 days ago | link
You can do this with ecryptfs, which is built into the kernel. It transparently encrypts each file in a "lower" directory; this directory is mounted to a "higher" directory where the files are transparently encrypted/decrypted as needed. It's a great solution for this kind of stuff and it lives in the kernel. You don't have to deal with FUSE or any of that. reply
pbh 6 days ago | link
encfs didn't work for me either. See this comment from a year and a half ago: http://news.ycombinator.com/item?id=895660 Dropbox supposedly encrypts server side. If you want to encrypt client-side, use SpiderOak or TarSnap. These hacks on top of Dropbox don't mesh with the semantics of Dropbox properly and will cause problems days, weeks, or months down the line unless managed extremely carefully. reply
albertzeyer 5 days ago | link
Yes, I already thought about that case. But I don't think it should be complicated to extend EncFS to handle that well (to just provide both versions to the end user in that case). reply
dermatthias 6 days ago | link
I use encFS for the sensitive files inside my Dropbox and it works really well. Because it is a per file based encryption and most of my sensitive files are rather small (<1MB), there are no (noticeable) speed problems. In combination with some (really simple) bash scripts for mount- and unmounting, this is imho a good way to encrypyt files inside your Dropbox. reply
Locke1689 6 days ago | link
Instead of attempting a nasty (and possibly insecure) workaround like this, you should use http://www.tarsnap.com/ reply
aceofspades19 5 days ago | link
If you could use tarsnap in Canada, I would totally use it reply
knight99 6 days ago | link
I am wondering how/if TrueCrypt would properly handle being synced if mounted on multiple machines at the same time. One of the biggest benefits of DropBox to me is the access the files instantly on all my computers. If I have to unmount and mount the TrueCrypt volume to change files, that benefit goes away.. What happens if I forget to unmount the volume at home, can I safely change the files while away? reply
danieldk 6 days ago | link
I tried this, and got multiple versions of the truecrypt volume file, filling up my Dropbox account. Pretty nasty, since I had to merge the changes of each variation back in one volume by hand. This article resembles the recent posts about using git on Dropbox - I wonder if people actually tried this for a longer period, because it just doesn't work, unless you mount the volume only one machine simultaneously and always sync after unmounting (easy to forget after mobile use). reply
jerrya 6 days ago | link
Yes, I took the plunge one day and put a truecrypt volume on dropbox and then put my quicken files in that truecrypt volume, and, .... Major lossage ensued when I found dropbox gave me multiple versions of that truecrypt volume. reply
Groxx 6 days ago | link
They're not. While the data spaces may not overlap, the file table very likely will (as much of it will fit in a single encryption block), so any parallel changes collide there in even the best circumstance. I program out of my TrueCrypt volume while in Windows, unmount it, and let it sync. It's a super-easy backup, and DropBox is the only one I've used that handles a 1GB file correctly, and it does it without a hitch. Worst-case-scenario is you do cause a collision, and you just mount both volumes at once and copy stuff to the one you want to keep. reply
hedgehog 6 days ago | link
Nope, you can only mount the disk one place at a time. It wouldn't be an easy thing to build. reply
*
1 point by foxhop 6 days ago | link
I guess more testing would be required to know for sure. Its good news that both services are free so it wouldn't be difficult to test out your circumstances. I use Dropbox more like a thumbdrive for temporary transfers and I like to have the warm and fuzzies that my data at rest is protected with strong encryption. reply
vibhavs 5 days ago | link
I store sensitive data in Dropbox using an OS X encrypted disk image in my Dropbox directory. It's not an elegant solution, but it gets the job done. I mount the password-protected disk image when needed, access the data, and unmount when finished. Upon unmounting, Dropbox syncs the encrypted blocks to S3, other computers, etc. (Encrypted disk-images can be fairly handy. I picked up the trick from a friend and colleague who used them to protect email and other sensitive documents on his laptop. E.g. he sym-linked Mail.app's mail directory, ~/Library/Mail, to the disk image.) reply
sunchild 5 days ago | link
Doesn't this prevent backup/syncing while the image is open? reply
daydream 5 days ago | link
Sure, but in practice for a single-user dropbox account it's not a big deal, IF you unmount the volume when you're done with it. I do the same thing that the GP does - mount the disk image, work with the files, then unmount. It's been working great for me for a while, though as the GP says it's not very elegant. reply
Derbasti 6 days ago | link
Also, this clearly breaks web access and mobile device access to your files. That said, I have been using this scheme for my most valuable data sets for about a year without problems. reply
chanux 6 days ago | link
My take on encrypting stuff on Dropbox.. http://chanux.wordpress.com/2010/10/10/portable-encrypted-vi... (It's not not just aiming Dropbox but the only place I actually use it on is Dropbox.) reply
iam 6 days ago | link
I don't profess to know much about security, but unless TrueCrypt does block-level encryption, AND dropbox does block-level syncing, wouldn't this scheme work out really poorly for storing large TrueCrypt volumes? reply
psykotic 6 days ago | link
Assuming a strong form of encryption with minimal information leakage, avalanching would imply that flipping even a single bit of plaintext in a volume of N bits would force ~N/2 bits of ciphertext to change with a distribution approaching maximum entropy. Flipping any number of bits should have the same statistical effect. Of course, that's infeasible for file system encryption and isn't how TrueCrypt works. An idea is to use a one-to-one mapping between TrueCrypt blocks and DropBox files. Write a file system watcher script that picks up changes to files in the DropBox folder and mirrors the changes to the corresponding blocks in a TrueCrypt volume that lives outside the DropBox folder. The other way around, too. Do you see anything obviously wrong-headed with this approach? I admittedly don't know the details of TrueCrypt's crypto. If it already does file-level rather than block-level encryption, these tricks wouldn't be necessary. But file-level encryption would seem to leak way too much information to satisfy the truly paranoid. reply
*
2 points by foxhop 6 days ago | link
That is a great question, If you find the answer let me know. At this point I have been playing around with 700mb file volumes. When I make an addition to the volume, it takes about 2 minutes to sync. I have not tested deletions yet. reply
hedgehog 6 days ago | link
I used to store use TrueCrypt + Dropbox to store some important files. Dropbox will detect and sync only the changed portions of your TrueCrypt volume. It takes a while (I think it does some sort of rolling checksum thing to detect differences so it has to read through the entire thing locally) but works ok. It would only sync when the volume was unmounted though. reply
Remarkbox