Our organisation aykit is developing ownCloud notes applications for mobile devices. aykit is a non-profit organisation and we invest our spare time to develop those applications. The last couple of weeks we spent some time trying to figure out what exactly ownCloud encryption is doing. As it turns out, there is a big misconception of the real purpose of the ownCloud encryption app.
ownCloud encryption has been designed to encrypt data on external storage devices. This is crucial as it does not secure data on internal storage.
The encryption app does not protect your data if your ownCloud server is compromised. This would require client side encryption, which this app does not provide
In fact, ownCloud stores your “private key” (the key input by the user when connecting to ownCloud) on the hard disk. I repeat, the key is stored on the hard disk, not even in RAM. This makes it easy for everyone having server access to decrypt the data and has been confirmed during a chat session with our team member ramsch:
[12:21pm] ramsch: Hej there. Is the user’s key stored in ram or on disk during a session (concerning encryption)?
[12:22pm] MorrisJobke: ramsch: yes
[12:22pm] ramsch: ram or disk?
[12:22pm] MorrisJobke: it's stored in the session
[12:22pm] ramsch: So on disk?
[12:22pm] MorrisJobke: AFAIK it's stored on disk
[12:22pm] MorrisJobke: why?
[12:24pm] ramsch: I guess it’s ok for the purpose of the encryption app, but we need to clarify on our website (aykit) that it was never meant to be used for local encryption and that we’ll therefore won’t add support for encryption with our notes app.
[12:25pm] ramsch: “… therefore won’t add support for encryption with our notes app”: There are just too little use cases for the hurdle of geeking into the encryption source
[12:26pm] MorrisJobke: the use case of encryption is mostly to use it with external storage, where the owncloud is sort of middleware and keeps the keys and the encrypted files are stored encrypted on an external storage (GDrive, Dropbox, etc)
[12:27pm] MorrisJobke: and to make it more difficult for admins to access files (you won't see any content by accident - you need to intercept many stages to decrypt the content)
[12:28pm] MorrisJobke: ramsch: ^
[12:28pm] ramsch: If the private key is stored in the session it’s pretty easy to access the files I guess
[12:28pm] ramsch: If it was stored in ram it would be at least a little more difficult for 3rd parties ….
[12:28pm] ramsch: However, that was never the intention of the app. Just wanted to make sure ...
[12:29pm] MorrisJobke: yes
[12:29pm] MorrisJobke: therefore you need client side encryption, but then you wouldn't be able to easily use the web interface
[12:29pm] ramsch: I totally understand ...
[12:30pm] ramsch: Alright, see you sometimes. And thanks a lot for this quick reply
Don’t get me wrong: This is ok for the purpose of this app, as it was never meant to encrypt files on internal storage.
All this led to the conclusion that we will not support encryption within My Own Notes. Understanding encryption techniques and implementations needs a lot of work. It just does not feel right putting that much effort into an encryption technique with such little use cases.
For everyone who wants to encrypt ownCloud content we suggest using
EncFS eCryptfs (see comments below) or the very mature dm-crypt via LUKS. Those two techniques come with implications as well. However, they are very stable, very mature and are not known to break easily. Or, even better, use open source client side encryption software like CryptSync to keep your cloud data secure. Please be aware that this way, people won’t be able to access your data using the ownCloud web interface.
I hope we have been able to shed some light on ownCloud encryption app. Please consult the ownCloud article and documentation for further information and read our statement on github for the big why’s of not supporting encryption within My Own Notes.