
Encrypted Google Docs done well  - wglb
http://rdist.root.org/2011/05/09/encrypted-google-docs-done-well/
======
jakevoytko
To summarize the approach in the PDF, they reverse-engineered the wire format
used to update the client. The extension encrypts small sections of the
document (as small as individual characters) with block ciphers. The
ciphertext is then sent to Google over the reverse-engineered wire format.

Since they aren't sending actual text to Google, they don't have access to
server-provided features like spellchecking or exporting, and they didn't try
to handle simultaneous collaboration. However, they assert that if you share
your extension's settings for a particular document, your collaborators can
all get updates, they just can't type when you type. They also found they hit
Google's document size limit pretty quickly, since encrypting individual
characters makes the document 16x larger.

In exchange, they claim this gives them enough security to update documents
over an insecure channel (they cite China blocking https access to Docs as a
compelling example), and Google only stores an encrypted form of the document,
so the contents are unrecoverable by Google.

~~~
JoachimSchipper
Also read the first comment:

"Correction: this is a pretty good way to do it. There’s still some big
information leaks; [...] For example, a letter responding to a job applicant
is likely to be shorter if they got rejected, and longer if they’re hired. And
you can do much lower-level analysis, [e.g. sshow-like or keystroke timing
attacks]. [...]

Remember that doing bulk statistical analysis of incremental ciphertext edits
to gleam as much information as possible is the kind of application that
Google’s infrastructure is perfectly designed for!" -- Jim

~~~
fuzzmeister
Given how hard Google is working to earn the trust of businesses with regard
to Google Apps, I highly doubt they would be stupid enough to risk getting
caught spying on individual documents.

------
comex
Eh, okay... but if it doesn't handle simultaneous edits, and considering the
dual security problems of timing attacks and "Google Docs could just add some
code to confuse the Firefox extension and steal your keystrokes", is it really
better than sticking an encrypted file in Dropbox?

------
sweis
This is the original paper and submission here:

<http://www.mightbeevil.com/securedocs/>

<http://news.ycombinator.com/item?id=2529505>

------
rbright
If you don't trust Google with your data, why are you using Google Docs?

~~~
onedognight
Free storage, infinite bandwidth, awesome software?

~~~
logermoore
Free storage? You could store a gazillion word processing and spreadsheet
documents on a normal hard drive (and back them up on Dropbox if necessary).
Awesome software? Hardly (and I've used them for years before I switched back
to desktop programs). The word processor still has bugs that should have been
weeded out years ago.

So the question is relevant: Why not just use LibreOffice?

------
logermoore
Unless you actually use the collaboration feature of Google Docs it would make
more sense to just use LibreOffice instead of Google Docs + encryption.

------
yuhong
I wonder what Stallman thinks of that.

