Dropbox Encryption with TrueCrypt (ballestrini.net)
33 points by foxhop on Apr 16, 2011 | 25 comments

TrueCrypt doesn't really work because you can't mount it from several places at the same time.

I looked for other solutions which allow this (for example by doing the encryption separately for each file; but I could also think about other things).

I only found http://www.arg0.net/encfs so far but I haven't tried it yet. It does the encryption separately for each file.

encfs didn't work for me either. See this comment from a year and a half ago:


Dropbox supposedly encrypts server side. If you want to encrypt client-side, use SpiderOak or TarSnap. These hacks on top of Dropbox don't mesh with the semantics of Dropbox properly and will cause problems days, weeks, or months down the line unless managed extremely carefully.

Yes, I already thought about that case. But I don't think it should be complicated to extend EncFS to handle that well (to just provide both versions to the end user in that case).

You can do this with ecryptfs, which is built into the kernel. It transparently encrypts each file in a "lower" directory; this directory is mounted to a "higher" directory where the files are transparently encrypted/decrypted as needed. It's a great solution for this kind of stuff and it lives in the kernel. You don't have to deal with FUSE or any of that.

TrueCrypt is OK if you only use Dropbox for backup. But as soon as sync comes into the picture, all hell breaks loose. Remember, a TrueCrypt volume contains an entire file system inside. File systems seriously don't like it when you modify bits and pieces of it from under their feet. You can't use any file in the volume until you've finished using the volume on the other computer.

EncFS is somewhat better in terms of sync, because it encrypts each file separately.

Here's a nice tutorial: http://pragmattica.wordpress.com/2009/05/10/encrypting-your-...

I have ~2.5GB of encrypted files in my Dropbox, and as long as I don't try to edit the same file in two places at the same time, it works like a charm. (Conflicts can be nasty, as another comment says. But it's not as bad as TrueCrypt, because EncFS works per-file.) Editing different files at the same time, on the other hand, is kosher.

There are, however, a few other problems with EncFS.

First of all, you can't mount an EncFS directory tree from Windows. There's an actively developed Windows port of EncFS out there (which uses Dokan), but I've never been able to get it to work properly.

Also, Windows has a maximum path length limit of 260 chars. Since EncFS pads file names with unique IVs and base64 encodes them after encrypting them, you can reach this limit after only 3-4 levels of subdirectories. Paths which are too long for Windows will simply be omitted from the Windows copy of your Dropbox folder. So if you ever treat the Windows copy as an authoritative backup, you're in for a nasty surprise. Linux is OK up to 4096 chars. I'm not sure how OSX does it.

Lastly, Dropbox in Linux tends to choke when you add a large number of files with encrypted filenames. It's not uncommon for Dropbox to declare a "case conflict" in that situation when there actually isn't any case conflict. This can seriously damage your EncFS directory tree, because Dropbox adds the phrase "(Case Conflict 1)" to random files and folders. An easy solution is to stop Dropbox, add the files, and restart Dropbox again. But this can get annoying after a while.

That didn't sound completely right, so I checked it out. You can have a path with ~32k characters actually.


I know that not all software supports those long file/path names, so yeah, you are probably in for some surprises.

Yes, it's possible to use up to 32K characters in the path if you use the "\\?\" prefix. Support for this feature may be hit-or-miss, though, so I wouldn't count on it.

I use encFS for the sensitive files inside my Dropbox and it works really well. Because it is a per file based encryption and most of my sensitive files are rather small (<1MB), there are no (noticeable) speed problems.

In combination with some (really simple) bash scripts for mounting and unmounting, this is imho a good way to encrypt files inside your Dropbox.

I am wondering how/if TrueCrypt would properly handle being synced if mounted on multiple machines at the same time. One of the biggest benefits of DropBox to me is the ability to access the files instantly on all my computers. If I have to unmount and mount the TrueCrypt volume to change files, that benefit goes away. What happens if I forget to unmount the volume at home, can I safely change the files while away?

I tried this, and got multiple versions of the truecrypt volume file, filling up my Dropbox account. Pretty nasty, since I had to merge the changes of each variation back in one volume by hand.

This article resembles the recent posts about using git on Dropbox - I wonder if people actually tried this for a longer period, because it just doesn't work, unless you mount the volume on only one machine at a time and always sync after unmounting (easy to forget after mobile use).

Yes, I took the plunge one day and put a truecrypt volume on dropbox and then put my quicken files in that truecrypt volume, and, ....

Major lossage ensued when I found dropbox gave me multiple versions of that truecrypt volume.

They're not. While the data spaces may not overlap, the file table very likely will (as much of it will fit in a single encryption block), so any parallel changes collide there in even the best circumstance.

I program out of my TrueCrypt volume while in Windows, unmount it, and let it sync. It's a super-easy backup, and DropBox is the only one I've used that handles a 1GB file correctly, and it does it without a hitch.

Worst-case-scenario is you do cause a collision, and you just mount both volumes at once and copy stuff to the one you want to keep.

I guess more testing would be required to know for sure. It's good news that both services are free so it wouldn't be difficult to test out your circumstances.

I use Dropbox more like a thumbdrive for temporary transfers and I like to have the warm and fuzzies that my data at rest is protected with strong encryption.

Nope, you can only mount the disk one place at a time. It wouldn't be an easy thing to build.

Instead of attempting a nasty (and possibly insecure) workaround like this, you should use http://www.tarsnap.com/

If you could use tarsnap in Canada, I would totally use it

I don't profess to know much about security, but unless TrueCrypt does block-level encryption, AND dropbox does block-level syncing, wouldn't this scheme work out really poorly for storing large TrueCrypt volumes?

Assuming a strong form of encryption with minimal information leakage, avalanching would imply that flipping even a single bit of plaintext in a volume of N bits would force ~N/2 bits of ciphertext to change with a distribution approaching maximum entropy. Flipping any number of bits should have the same statistical effect.

Of course, that's infeasible for file system encryption and isn't how TrueCrypt works. An idea is to use a one-to-one mapping between TrueCrypt blocks and DropBox files. Write a file system watcher script that picks up changes to files in the DropBox folder and mirrors the changes to the corresponding blocks in a TrueCrypt volume that lives outside the DropBox folder. The other way around, too.

Do you see anything obviously wrong-headed with this approach? I admittedly don't know the details of TrueCrypt's crypto. If it already does file-level rather than block-level encryption, these tricks wouldn't be necessary. But file-level encryption would seem to leak way too much information to satisfy the truly paranoid.

That is a great question. If you find the answer, let me know.

At this point I have been playing around with 700 MB file volumes. When I make an addition to the volume, it takes about 2 minutes to sync. I have not tested deletions yet.

I used to use TrueCrypt + Dropbox to store some important files. Dropbox will detect and sync only the changed portions of your TrueCrypt volume. It takes a while (I think it does some sort of rolling checksum thing to detect differences so it has to read through the entire thing locally) but works ok. It would only sync when the volume was unmounted though.
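
An added illustration of the question discussed above (not part of the thread, and not TrueCrypt's or Dropbox's code): a toy per-sector cipher next to a chained whole-volume mode, showing which fixed-size chunks a chunk-hashing sync client would see change after a one-bit plaintext edit. The sector size, chunk size, key and the Feistel construction are assumptions made for the demo; the cipher is not meant to be secure.

```python
import hashlib

SECTOR = 512          # bytes per volume sector (toy value)
CHUNK = 4 * SECTOR    # assumed sync-client chunk size, not Dropbox's real one

def _f(key, tweak, rnd, half):
    # Round function: keyed hash stretched to half a sector.
    seed = key + tweak.to_bytes(8, "big") + bytes([rnd]) + half
    return hashlib.shake_256(seed).digest(len(half))

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt_sector(key, tweak, sector):
    # Toy 4-round Feistel permutation over one sector; illustration only.
    left, right = sector[:SECTOR // 2], sector[SECTOR // 2:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, tweak, rnd, right))
    return left + right

def encrypt_per_sector(key, volume):
    # Each ciphertext sector depends only on the key and its own index.
    return b"".join(encrypt_sector(key, i // SECTOR, volume[i:i + SECTOR])
                    for i in range(0, len(volume), SECTOR))

def encrypt_chained(key, volume, iv=bytes(SECTOR)):
    # Each sector is mixed with the previous ciphertext sector first.
    out, prev = [], iv
    for i in range(0, len(volume), SECTOR):
        prev = encrypt_sector(key, 0, _xor(volume[i:i + SECTOR], prev))
        out.append(prev)
    return b"".join(out)

def changed_chunks(old, new):
    # Chunk indexes a chunk-hashing sync client would re-upload.
    return [i // CHUNK for i in range(0, len(old), CHUNK)
            if hashlib.sha256(old[i:i + CHUNK]).digest()
            != hashlib.sha256(new[i:i + CHUNK]).digest()]

def demo():
    key = b"constructed demo key"
    before = bytes(64 * SECTOR)        # constructed 32 KiB "volume", 16 chunks
    edited = bytearray(before)
    edited[20 * SECTOR + 7] ^= 0x01    # flip one plaintext bit in sector 20
    after = bytes(edited)
    local = changed_chunks(encrypt_per_sector(key, before),
                           encrypt_per_sector(key, after))
    chained = changed_chunks(encrypt_chained(key, before),
                             encrypt_chained(key, after))
    return local, chained
```

With per-sector encryption only the chunk holding sector 20 changes; with chaining every chunk from that point to the end of the volume changes. TrueCrypt's XTS mode falls in the per-sector category, which fits the report above that only the changed portions of a volume are synced.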

I store sensitive data in Dropbox using an OS X encrypted disk image in my Dropbox directory. It's not an elegant solution, but it gets the job done. I mount the password-protected disk image when needed, access the data, and unmount when finished. Upon unmounting, Dropbox syncs the encrypted blocks to S3, other computers, etc.

(Encrypted disk-images can be fairly handy. I picked up the trick from a friend and colleague who used them to protect email and other sensitive documents on his laptop. E.g. he sym-linked Mail.app's mail directory, ~/Library/Mail, to the disk image.)

Doesn't this prevent backup/syncing while the image is open?

Sure, but in practice for a single-user dropbox account it's not a big deal, IF you unmount the volume when you're done with it.

I do the same thing that the GP does - mount the disk image, work with the files, then unmount. It's been working great for me for a while, though as the GP says it's not very elegant.

Also, this clearly breaks web access and mobile device access to your files.

That said, I have been using this scheme for my most valuable data sets for about a year without problems.

My take on encrypting stuff on Dropbox..


(It's not just aimed at Dropbox, but the only place I actually use it on is Dropbox.)
