On Mon, 15 Aug 2022 00:41:55 +0200, Soviet_Mario wrote:
> On 14/08/22 21:00, user one wrote:
>> On 14/08/2022 16:03, Soviet_Mario wrote:
>> >
>> >
>> > sure, when relevant, end-to-end encryption would be safe.
>> >
>> >
>> What is "end-to-end encryption"? You only need your own data to be
>> encrypted. How did "end-to-end encryption" came into this topic?
>>
>>
>>
>>
> you have to pass the key to some other legit user to decipher the
> transmitted data, I meant
I use Mega for my cloud storage. They offer "end to end encryption", here
is their definition of "end to end encryption" and how they implement it.
I've been using their service since 2017 and I have never had an issue.
They are very upfront, if you lose/forget your password and do not have a
backup copy of your recovery key, your data is toast, gone, kaput.
#quote#
How does MEGA’s end-to-end encryption work?
MEGA implements true end-to-end encryption for the entirety of its
service. No feature-limited “crypto folders”, no shortcuts, no
compromise, even where it hurts: The unfortunate users who lost their
password and forgot to back up their recovery key can attest to that.
It follows orthodox design principles:
All encryption and decryption takes place on the user’s devices.
Cryptographic keys never leave the user’s devices unless the user
actively exports a file, folder or chat link.
Coverage
The following data held in a MEGA account is end-to-end encrypted:
File and folder names
File fingerprints
File data
Thumbnail and preview images
Chat messages
Audio/video call media streams
Key Hierarchy
Everything starts with the user’s password.
The password decrypts the account’s master key (a.k.a. Recovery Key).
The master key decrypts the account’s RSA private key as well as all file
and chat keys.
The file and chat keys decrypt their respective files/attributes and
chats.
Note that all encrypted keys are stored on MEGA’s servers. The password
is not. Therefore, no keys can be decrypted as long as the password,
which is never sent to MEGA, isn’t known.
The master, RSA, file and chat keys are all generated using
cryptographically strong pseudo-random number generators.
For more information, see our security whitepaper:
https://mega.nz/
SecurityWhitepaper.pdf
# end quote #