The Limits of Cloud Encryption

on August 15, 2013

Revelations of National Security Agency snooping on email and other internet traffic has inspired long-overdue concern about privacy and security–and set off a wave of opportunistic announcements of encrypted services. Adding encryption is a good thing, but you have to understand what it can and cannot do. and what the newly announced services definitely cannot do is keep the government’s eyes off your data.

There are two fundamentally different problems: Protecting data in transit and in storage (sometimes called in flight and at rest in technical literature.) These are subject to different technical requirements and different legal protections–in general, data in transit are better protected.

In-transit protection. There’s no excuse for not encrypting all sensitive data in transit. There are standard protocols for it: Secure socket layer (SSL), transport layer security (TLS), and the more secure Perfect Forward Security. Transactions with Web sites involving any sort of personal data should use secure HHTP (HTTPS); if you use a mail client such as Outlook, Mac Mail, or Thunderbird, you should choose encrypted transport under server settings (Microsoft Exchange mail is encrypted by default.) If your mail provider doesn’t support encryptions in transit, seriously, get a new one.

In-transit encryption is what most providers offer. Some also encrypt mail stored on their servers, but there’s a catch. The government–and sometimes private parties in a lawsuit–can demand that the stored mail be decrypted and, with proper authority, the mail service provider has no choice but to comply.

When can the government look? Exactly what sort of authority the federal government needs, a major issue in the NSA revelations, is not entirely clear. Normally, the government would need a court order for mail less than 18 moths old, but a mere administrative subpoena for anything older. (Why the distinction? Because that’s what the 1986 Electronic Communications Privacy Act says.) It was the realization that they could not defy government orders that apparently led Lavabit and SilentCircle to shut down their secure mail services.

It is possible to encrypt email traffic from end to end, but the difficulty makes it seriously impractical. To do it, you have to find a way to get a key to everyone you want to be able to read a message. There are ways to do this using public key encryption, but they are far from easy to implement and far from convenient to use, so almost no one does it. And even if you encrypt message data from end to end, you have to leave header information exposed or the mail system will be unable to deliver your messages–and this metadata can reveal a great deal.

Cloud shortcomings. Automatic encryption of information stored on cloud servers, as recently promoted by Google and Amazon suffers the same shortcoming as encrypting stored mail. The service provider has the keys, and can be forced to give them up. This sort of encryption is still a very good idea; if done properly, it is very effective at protecting your data from intruders or other prying eyes. But it won’t work against an adversary with a court order.

The only way to get complete protection of data stored in the cloud is to encrypt it yourself before sending it to the cloud, and keep the keys in your possession. It’s not the most convenient thing in the world and if you lose the keys you are sunk,  but there are standard software packages that will do the heavy lifting.