

Mega API - rarestblog
https://mega.co.nz/#developers

======
rarestblog
Some interesting points:

    
    
      All cryptographic operations involving symmetric or 
      private keys are performed on the client side
    
      Each general filesystem node (files/folders) has an 
      encrypted attributes object attached to it, which 
      typically contains just the filename.
    
      All symmetric cryptographic operations are based on 
      AES-128. 
    
      Each file and each folder node uses its own randomly
      generated 128 bit key. File nodes use the same key 
      for the attribute block and the file data, plus a 
      64 bit random counter start value and a 64 bit meta 
      MAC to verify the file's integrity.
    
      Each user account uses a symmetric master key to 
      ECB-encrypt all keys of the nodes it keeps in its own
      trees. This master key is stored on MEGA's servers, 
      encrypted with a hash derived from the user's login 
      password.
    
      In addition to the symmetric key, each user account 
      has a 2048 bit RSA key pair to securely receive data. 
      Its private component is stored encrypted with the 
      user's symmetric master key.
    
      MEGA supports secure cross-account access to folders.
    
      MEGA supports secure unauthenticated data delivery. Any 
      fully registered user can receive files or folders in 
      their inbox through their RSA public key.
    
      (MEGA) is also our first JavaScript project

