Is Dropbox end-to-end encrypted?

Almost a billion people use Dropbox for for cloud storage, to share files, and to collaborate. Is it secure?

Dropbox now reports almost one billion active users on their products for cloud storage and sharing; similarly, Google Drive has announced they are also exceeding the one billion user threshold. However, both of these products implement similarly limited levels of encryption, where personal data remains exposed to additional parties and not to users alone.In this blog, we’ll explore how encryption on Dropbox works, particularly in comparison to fully end-to-end encrypted storage providers, which use completely zero-knowledge encryption to keep files and data private to users alone.

Cloud storage and encryption

Cloud storage is a service that allows users to save files online so that they can be accessed from any internet-connected device. The cloud storage provider manages the infrastructure and security of the user's data, making it accessible from anywhere in the world. Cloud storage is often used as a backup for local files, as it provides protection against data loss due to hardware failure or user error. It is also significantly more robust and reliable than transferring files using physical mechanisms (USB drives or hard disks) and easier than simply emailing all important files back and forth.Cloud storage is also becoming increasingly popular as a way to store and share files, as it offers a convenient and efficient way to keep files backed up and synchronized across devices. Numerous companies, including Dropbox, Box, Microsoft, and others, have offered cloud file-sharing services for individuals and enterprise customers, allowing teams and organizations to collaborate on projects, datasets, or documents.There are numerous different cloud storage providers, each offering different features, pricing plans, and levels of security and encryption. Some of the most popular providers include Google Drive, Dropbox, and Apple’s iCloud product. When choosing a provider, it is important to consider your needs, budget, privacy concerns, and more.Once you have chosen a provider, you will need to create an account and install cloud storage software on your devices, which will allow you to access your files from any device with an internet connection. Almost all cloud providers now offer easy-to-use mobile, desktop, and tablet applications across all providers.To add files to your cloud storage, simply drag and drop them into the designated folder on your computer, or upload them through a web interface. The files will then be uploaded to the cloud and synchronized across your devices. You can easily access, share, upload, and download your files via any cloud storage provider’s website.If you edit a file on one device, the changes will be automatically synced to your other devices. This makes it easy to keep your files up-to-date and accessible from anywhere. Cloud storage is an easy and convenient way to store and share files or keep your data synchronized across devices. Beyond backing up your data, many individuals now choose to write, create, and share content directly inside cloud providers, such as using Dropbox Paper or Google Docs to write documents.

Cloud storage encryption

Dropbox is one of many cloud storage providers that market a basic level of encryption in their services, frequently broken down as “encrypted in transit” and “encrypted at rest.” Although this secures your data from certain risks, such as interception by hackers reading network traffic, it is a much weaker level of protection than full end-to-end encryption.Encryption in transit refers to the use of TLS and SSL to encrypt network traffic from users’ devices to Dropbox servers. Encrypted at rest refers to the fact that data, when stored in Dropbox databases, is encrypted symmetrically (typically using an algorithm such as AES-256). While AES encryption is frequently used in the industry, it still allows Dropbox employees, law enforcement, or other parties to access your information. As a result, it is weaker than end-to-end encryption, where user data is encrypted client-side before ever reaching a Dropbox server, preventing anyone but a user from decrypting or deciphering an encrypted file.

Encryption vs. End-to-end encryption

There are a few key differences between encryption and end-to-end encryption. Encryption is a process of transforming readable data into an unreadable format, typically using a key or password. End-to-end encryption is a specific type of encryption that takes place between two devices, such as an end user and their other devices, in order to keep the data private and inaccessible to any other parties.One key advantage of end-to-end encryption is that it offers more security than encryption alone. With encryption, the data is encoded and can be decoded by anyone who has the key or password, such as in the description of encrypted at rest above. However, with end-to-end encryption, the data is encoded and can only be decoded by the devices involved in the communication. This means that even if someone were to intercept the data, they would not be able to read it.Another advantage of end-to-end encryption is that it can help to prevent data breaches. Data breaches occur when sensitive information is exposed to unauthorized individuals. This can happen if the data is not properly encrypted. End-to-end encryption can help to prevent data breaches by ensuring that the data is only accessible to the devices involved in the communication. In the past, Dropbox has had data breach issues; end-to-end encryption would prevent any hackers from decrypting files that are maliciously downloaded from Dropbox.End-to-end encryption has more recently become mainstream in messaging apps and communication providers. This includes Signal Messenger, WhatsApp, iMessage, and many of the other most commonly used messaging applications.Overall, end-to-end encryption is a newer, stronger, and more privacy-first method of securing user data. However, it also has increased technical complexity and is more recently making its way to the consumer market. More broadly, end-to-end encryption offers more security than encryption alone and can help to prevent many of the significant risks stemming from provider data breaches.

End-to-end encrypted cloud storage

Tresorit: Tresorit is a Swiss based secure cloud storage provider that was recently acquired by the Swiss government. Similar to Dropbox, Tresorit offers cloud sync and storage feature for individuals and teams. This also includes apps across multiple devices, such as iOS, Android, Windows, Linux, and Mac.Tresorit offers two-step verification features for additional protection, as well as password protection for files. Like most cloud storage providers, synchronization across devices is offered out of the box. Most importantly, Tresorit is end-to-end encrypted, keeping users’ sensitive data completely private.Skiff: Skiff is a privacy-first, end-to-end encrypted workspace that offers products for end-to-end encrypted email, file storage and sharing (Skiff Drive), and collaborative wikis, documents, and notes (Skiff Pages). Every document, file, and folder is end-to-end encrypted, keeping your personal information completely private to you. Skiff also offers mobile apps for their drive, email, and docs products that are compatible on iOS, Android, Mac, and more.On Skiff, even every file imported from Google Drive is encrypted client side, keeping data security for users as the paramount goal. Skiff also offers two-factor authentication and password protection for users to maintain an extra layer of security against account compromise. Finally, the platform offers 10 GB of free storage, which is larger than Tresorit and other privacy-first cloud storage providers.

Why choose end-to-end encryption?

First, with end-to-end encryption, your data is encrypted before it ever leaves your device. This means that even if the cloud storage provider were to be hacked, your data would be unreadable.Second, end-to-end encryption provides better security for your data. Standard cloud storage providers typically use server-side encryption, which means that your data is encrypted on the server but not on your device. This means that if the server were to be hacked, your data would be at risk.Third, end-to-end encryption can help to ensure that your data is not tampered with. Standard cloud storage providers typically do not offer any guarantees about the integrity of your data. With end-to-end encryption, you can be sure that your data has not been modified in any way. Modern encryption algorithms generally guarantee both privacy and authenticity, making it impossible for your data to be modified when uploaded and stored on the cloud.Fourth, end-to-end encryption can help to protect your privacy. Standard cloud storage providers typically do not offer any guarantees about the privacy of your data. With end-to-end encryption, your data is only accessible to those with whom you share the encryption key. If you are not using an end-to-end encrypted provider, you may be much more susceptible to privacy policy or terms of service changes, which could impact how the provider may access your personal data.Finally, end-to-end encrypted cloud storage can offer better performance. Standard cloud storage providers typically compress and encrypt your data, which can lead to reduced performance. With end-to-end encryption, your data is not compressed or encrypted, which can lead to better quality and assurance for everything you upload.

Encrypted Mail, Drive, Calendar, and Docs

Skiff offers much more in addition to their end-to-end encrypted storage product. This includes Skiff Pages, Calendar, and Mail products for collaboration and communication.Every Skiff Mail user gets full access to the entire product suite, which also includes:

Skiff Drive (all data end-to-end encrypted, unlike Dropbox, which is not E2EE)
Skiff Pages (for wikis, notes, documents, and real-time collaboration)
Skiff Calendar (integrates natively with Skiff Mail)

Below, check out a table showcasing Skiff's paid plans, which include more storage space, many moreemail aliases, custom domains, and additional features.

Features	Free	Pro	Business
Drive storage	10 GB	100 GB	1 TB
Sending messages (limit)	200/day	Unlimited	Unlimited
Folders and labels	5	Unlimited	Unlimited
Custom signatures
Auto reply
Schedule or undo send
Email + doc text search
E2EE link sharing
Document limit	Unlimited	Unlimited	Unlimited
Skiff.com aliases	4	10	15
Custom domains	0	2	5
Workspace collaborators	6	6	Unlimited
Doc version history	24 hours	Unlimited	Unlimited

Conclusion

If you’re looking for a fully private, end-to-end encrypted cloud provider, we wrote an even longer blog on the topic that covers major end-to-end encrypted cloud storage providers, including Skiff, Tresorit, Sync.com, and many more. These products offer the exact same level of convenience and incredible user experience but with a significantly higher level of security and confidence as your data remains private to you.