Nextcloud features an enterprise-grade, seamlessly integrated solution for end-to-end encryption. Currently in proof-of-concept phase and scheduled to be part of Nextcloud 13, it enables users to pick one or more folders on their desktop or mobile client for end-to-end encryption. Folders can be shared with other users and synced between devices but are not readable by the server.
Nextcloud end-to-end encryption offers the ultimate protection for your data, making it suitable for your most private information. Use it to protect a copy of your passport, passwords, driver's license or bank account information.
Enterprises could require employees to keep a subset of the most confidential information client-side encrypted. Research, customer information or strategic documents can be guaranteed to be kept confidential.
Seamless integration and ease of use with key features like offline recovery keys, auditing and HSM support make Nextcloud End-to-end Encryption the perfect complement to other Nextcloud security features including Server-side Encryption and File Access Control.
Cryptographic Identity Protection
Every user gets a unique public/private key combination when they first enable end-to-end encryption. The public key is sent to the server and signed into a certificate. The certificate is checked by the users' other clients and used by other users to share encrypted files with the first user, based on Trust On First Use.
Enterprise-grade Encryption Solution
Nextcloud offers a supremely easy to use, well integrated file sync and share solution with an uniquely layered approach to security. Our solution delivers deep infrastructure integration with support for nearly any storage technology and combines it with powerful server-side encryption and end-to-end encryption in the clients, both of which can be applied in a granular way.
Rather than making it an either-or choice, businesses can rely on utmost security where it is needed but keep collaborative online document editing and full-text search on the server over the rest of the stored data.
Users can access data on a FTP drive shared with another company; while data stored on an external S3 compatible object storage could be encrypted using server-side encryption so the storage provider has no way to compromise their security.
Meanwhile, using the Nextcloud File Access Control capability, files from the HR department can always be enforced to be end-to-end encrypted on their clients, protecting their data from even the worst case of a full server breach. Similarly, sensitive research, customer information or strategic documents can be guaranteed to be kept even from server administrators.
Below we cover some of the basics of our design. Download our white paper for more details.
We aimed to fulfill the following business and technical criteria.
Accepted feature loss
We accept losing the following features:
The encryption is based upon an asymmetric cryptographic system. Every user has exactly one private and public key pair.
The key generation process is designed to keep the contents of the private key from the server while storing it security so it can be synced to other devices the user owns. Some other properties of the process:
Creating an end-to-end encrypted folder is done by flagging an empty folder as end-to-end encrypted, creating metadata, encrypting and uploading it. The process is protected by locking, with the client requesting a lock from the server and releasing it again after all changes are finished and uploaded.
Files are each encrypted with their own, unique key, which is stored in the metadata file. All data in the metadata file is, in turn, securely encrypted and files names and directory structures are also hidden from the server using a unique UUID as name for each file.