Local data encryption for cloud storage

Cloud Master

© Lead Image © Luciano De Polo, 123RF.com

© Lead Image © Luciano De Polo, 123RF.com

Article from Issue 188/2016

Synchronizing your data in the cloud is practical, but it's risky if you don't encrypt your data. Desktop encryption utilities offer various levels of security and ease.

Backing up data in the cloud sounds easy and useful; little wonder then that many individuals and companies take advantage of this opportunity. Companies that offer these services take your locally stored data and sync it with a storage service on the Internet – often automatically. In this way, you keep your directories synchronized without having to worry about backups. Of course, such services offer not only benefits but also risks. The burning issue to consider is: Who has access to you data?

Sometimes cloud providers automatically scan the uploaded files to check them for unacceptable content (e.g., child pornography or copyright infringement) [1]. In the first case, suspicious data is sent to investigating authorities, and in the second, the algorithm locks the sharing feature. If you opt for a free version of a service, you might start receiving advertisements based on the content of your evaluated files.

As the Snowden documents reveal, the NSA is also interested in data of any kind. From the beginning, administrators of cloud services also have had access to user data. Additionally, many companies in Europe are increasingly unsure about what happens when they offload their personal data onto servers elsewhere in the world.

Key Services

One solution is end-to-end encryption, wherein the user encrypts all the data on the local machine (with exclusive possession of the key) and then uploads to the cloud server. Some applications promise to handle the encrypted data in an easy and user-friendly way, but Linux also has on-board resources to help you achieve your goal. Here, I present a range of programs and discuss their advantages and disadvantages (see also the "Boxcryptor" box).


One of the more popular encryption programs is Boxcryptor [2]. Although the classic version [3] still supports Linux, the current versions do not. As the manufacturer states on its website: "It will not be supported on upcoming versions of these operating systems. Therefore, we can't guarantee that the Classic version will work on them." In this article, I only mention the software for the sake of completeness, because you have many other alternatives.


One candidate goes by the name of PanBox [4]. The software was released in early 2015 and was funded by Germany's Federal Department of Justice and Consumer Protection. The developers of the program, the Fraunhofer Institute for Secure Information Technology and Sirrix AG, emphasize that privacy by design was an important precondition. In other words, the software model is not privacy by policy, which would have to rely on the existence of benevolent operators or laws. Instead, its strength is its verifiability and design. The sources are available from a public archive on GitHub [5], so the code is open to examination for bugs and verification of safeguards with regard to the security of the software.

PanBox is available under GPLv3. In addition to the open source variant, an Enterprise version of PanBox specially targets public authorities and companies [6], offering access to a directory service (LDAP) and a public key infrastructure (PKI).

A ZIP file for Linux and other operating systems, which you just download and unpack into a subdirectory, is available for download from the Sirrix AG site [7]. After installing and launching for the first time (see the box "Installing PanBox"), the software checks to see whether an identity already exists on the computer. If not, it wants to know the first name, last name, and email address of the user. In the next dialog, PanBox asks you to enter a device name. This name lets you map to devices easily. The hostname is preset.

Installing PanBox

Because PanBox 1.1.0 is a Java application, you need a current version of Java. The developers recommend the Java version by Oracle. Because the software uses strong encryption, you also need the Java Cryptography Extension (JCE), which is available in the download section of Java SE [8].

You still have to satisfy other dependencies. In the ZIP file, a README lists the libraries required in Ubuntu, Arch Linux, Fedora, and Gentoo. I used Ubuntu 15.10 for the article and thus installed the following additional software:

sudo apt-get install dbus-java-bin python-appindicator python-nautilus libbluetooth-dev python-notify python-gtk2 python-dbus

To launch the software, you run the start.sh script.

Finally, you need to enter a password. According to the manual [9], the password must be at least eight characters in length and "include a random combination of upper/lower case letters, digits, and special characters." In the test, eight characters was the only discernible limit; passwords comprising only numbers or letters were accepted by PanBox without comment. After entering the password, the software displays the previously entered data and generates the identity in the next step. Finally, it opens the application window (Figure 1).

Figure 1: PanBox encrypts files on the desktop and then passes them on to Dropbox. The software is available in open source and Enterprise versions.

At first launch, PanBox will detect a Dropbox installation, at which time it looks for your existing Dropbox folder and launches a second setup wizard that proceeds to integrate your Dropbox share. The wizard requires an access token, which is a kind of password that tells the Dropbox service that PanBox is allowed to access your Dropbox account. Clicking on Refresh launches a browser, and a Dropbox website asks whether PanBox is allowed to access the service. If you allow this, the page displays the access token which you need to copy and enter in PanBox at the end of the configuration.

Although the press releases for PanBox promise a simple and user-friendly approach, I had some irreconcilable differences with the application. I began with a fresh installation of Ubuntu 15.10 as the basis. After starting the application, a white window without any menus and the tray icon appeared. The application window did not respond to my attempts to close it; even clicking on Exit in the tray icon resulted in no discernible response. Working on Ubuntu 15.10 was therefore impossible.

Under Debian the software launched and opened a functional application window. During use, it crashed repeatedly when I tried to change the language (Figure 2). Apparently, the interface still needs some work. Under the vastly simplified Directory share, the application shares a folder of your choice set up in the Shares) tab. The program distinguishes between a Dropbox share, which works only with Dropbox integration, and a Directory share, which is for users with any other cloud provider. Unfortunately, I was unable to test the implementation because of the problems already described.

Figure 2: More than once PanBox froze in the middle of its activity for no particular reason.


Cryptomator [10] offers another solution to encrypting data for the cloud. Developer Sebastian Stenzel mainly works on the software, which is available under the MIT license. The source code is on GitHub [11]. If you look at the project homepage, you will note that the authors go to great lengths to explain the cryptographic contexts. That and the fact that it is free software ensure confidence and allow third parties to develop programs that interact with Cryptomator.

Apparently the developers have put much thought into how they want to protect the software. To begin, Cryptomator generates a key from your password and a random value (salt). For this, it uses the scrypt key derivation algorithm [12], making it difficult to brute-force the key. Usually, a hash function (MD5, SHA-1, SHA-256) picks up the password together with the salt. The output from the hash function is the key.

With the use of special hardware and algorithms, attackers can try several million values per second and very quickly guess a password under certain circumstances. The Scrypt algorithm therefore performs the hash function multiple times and also uses a large amount of RAM. As a result, its slows down attempts to guess the password.

If the operator selects the correct parameters for Scrypt, even special hardware will not achieve more than a few hundred attempted guesses per second. The system later uses the key encryption key (KEK) calculated in this way to decrypt the master key.

For other cryptographic actions, Cryptomator uses the AES algorithm relying on cypher block chaining (CBC) or counter (CTR) mode. The SHA-256 hash algorithm is used as the basis for further operations and is a good choice, because it rules out many attack vectors.

A window with the mascot of the software (Figure 3) appears after installation (see the box "On Disk"). Adding a vault begins in the lower left corner. A vault is a folder in which the encrypted content is stored as well as the key. Although the key cannot be used easily for decryption because of the key generation process already mentioned, it would appear to be safer to store it outside of the directory. The vault then lies withn a folder hosted by the cloud provider.

On Disk

Two possibilities exist for installing of Cryptomator on Linux: The developers offer a ready-made package for Debian-based systems that can be installed with:

dpkg -i <filename>

The package stores the software in the /opt/Cryptomator directory. For other systems, you can launch the software's jar file by calling:

java -jar <filename>

Alternatively, you can run the file /opt/Cryptomator/Cryptomator.

Figure 3: The Cryptomator mascot appears on launch; an update function is also offered.

To create the vault, you need to specify a directory. In the second step, you create a password. The software has no restrictions in terms of the length or the characters used. Minimum requirements would be desirable: After all, despite a good derivation function such as Scrypt, simple passwords can be guessed pretty quickly.

Before Cryptomator opens the vault, it prompts you again for the password you just composed. At the same time, it activates a local WebDAV server on a random port in the background. Nautilus and Gnome Files (file manager) support WebDAV and automatically display the new directory.

For the command line, you need a program like Cadaver [13] to your manage files. When you move files from your hard disk to the WebDAV directory, Cryptomator encrypts them automatically and places them in the vault (Figure 4). After a short learning curve, Cryptomator was easy to use, with no appreciable defects, such as crashes, in the lab test. Another positive aspect is that the developers are still actively working on the software.

Figure 4: Cryptomator graphically displays the encryption activity when receiving a file. Below you can see the WebDAV server integrated in Gnome Files.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

comments powered by Disqus