Cloud storage and collaboration platforms are nothing new. However, it can be very difficult to keep critical data encrypted and secure, especially when sharing. Bram van der Kolk, Co-Founder of MEGA, talks about how they engineered end-to-end encryption with no service degradation, how their products securely create decryption keys for sharing files with peers, and what steps users can take on their own to help protect their data.
This interview was published on October 13, 2020.
What is MEGA?
MEGA is an end-to-end encrypted cloud storage and collaboration platform. Everyone is probably familiar with Dropbox and Google Drive – MEGA does that and more. MEGA solves the communication aspect, which is very relevant for collaboration, and its unique difference is that we designed everything with end-to-end encryption from the start. We launched in 2013, which was later than some cloud storage providers. This was because end-to-end encryption in a browser was nearly impossible in those older version browsers. When browsers became about 10X faster in 2013, it was just the right time to include end-to-end encryption and make it available to the masses.
There were also various HTML5 APIs and other new technologies that became available in the browsers. Those allowed us to build MEGA, but we had to go through quite a bit of acrobatics to decrypt a file on the client-side in the browser and serve it back to the user. Since then, we have also leveraged WebRTC, a standardized Voice Over IP technology, including cryptography, which is also supported by our mobile apps. Again, all of this is done with end-to-end encryption, so we do communication, chat, and cloud storage. We also have MEGAsync, a native desktop app that supports many platforms that can automatically synchronize all the data from your device on Linux, Apple, Windows.
When sharing files via MEGA, how are they decrypted?
That’s an excellent question. With MEGA, you can share data in several ways. Of course, we want to help users share with their friends or business contacts, so we support creating a link to a folder or file. However, we have implemented it smartly and properly. First of all, we allow the user to export a link and the decryption key separately so that a security-conscious user could send the decryption key through a separate channel. However, we also make it very convenient, and you can have the file handle and the decryption key in one link. Because of how the link is constructed and the way browsers process it, the decryption key part of the link always stays on the client’s device, never reaching MEGA’s servers and preserving the zero-knowledge confidentiality for users. We’ve really engineered this to the max in terms of usability because we want to compete with unencrypted services. We want to be better by offering encryption without MEGA users experiencing any disadvantage, even though it’s more difficult for us. Of course, posting a link with the decryption key on a public forum will degrade the security level.
The other way of sharing is through a contact relationship with another MEGA user. There’s asymmetric cryptography between participants with the secret key being exchanged so you can share a secure folder with various privileges to one or more of your peers. You can also share files through our MEGAchat. The convenience is that you can easily share data within a chat without uploading it every time since it’s already in your cloud. It’s very powerful to have your eight terabytes and just send any selection to any of your contacts.
Is it each folder or each file that generates its own decryption key?
Every file uploaded to MEGA has its own unique decryption key, a part of which also authenticates the file. When you export a file link, it references that key and creates a public handle to that file. This authorizes anyone with the file handle to access the decrypted content through our network, but the decryption key is still needed to decrypt the file.
With a shared folder, it’s a little bit different. A so-called “share key” is generated on the client-side when creating the shared folder within MEGA. Then all the file and folder keys inside that shared folder are also encrypted with that share key. These meta-encrypted file and folder keys, along with the share key itself, are securely made available to the people who have access to the share. Whenever a new file is added to a shared folder, its key is automatically shared to the folder’s share keys, so participants receive access in a cryptographically secure manner.
So, every file has a decryption key, but if its folder is set to share, it automatically gets passed along?
An essential requirement when we designed MEGA’s end to end encryption was that the encryption and decryption should operate under the hood so that the user doesn’t notice. So yes, every file has its own encryption/decryption key; a folder link works exactly like a shared folder, with the share key being part of the link. It also updates in real-time!
Why have you made your source codes open?
Our source code is available as public source, as we don’t want to allow competitors to use it. Other vendors that claim end-to-end encryption don’t publish their code, so you only have their word and their binary code, which is a bit hard to audit for backdoors and bugs. We strongly believe that credible cryptography is impossible without publishing the source code in full – to the extent that allows for repeatable builds.
What is MEGAchat?
MEGAchat is a collaboration platform that allows you to communicate by text, voice, or video, all with our end-to-end encryption. We have many MEGA users who needed to collaborate, so we saw a natural benefit to providing this type of service in conjunction with our cloud storage. It’s a very powerful combination, and we’re building even more on top of that. Unfortunately, I cannot disclose too much today, but we have quite an exciting vision for MEGAchat.
What are the advantages of interacting with MEGA from NAS (Network Attached Storage) devices?
Our NAS support is a command-line utility. It’s very powerful because you can sync your network attached storage devices with your MEGA account using a wide variety of applications. If a NAS device has the MEGA utility installed, you’ll always have all your valuable data in the cloud, even if the device is destroyed or stolen.
Another advantage is when you want to quickly reference or share encrypted data from your NAS devices while you’re on the go. Together with the MEGA app, you will be able to do that on your device. So, it’s another way to back up and put your data into your MEGA cloud.
What are some other features of your MEGA mobile apps?
Our mobile app can be installed on your iOS or Android device. It is very diverse and does everything from text chatting and audio/video calls with larger groups to managing all your data in the cloud from your other devices. We are also improving the App features, a prominent example being our camera uploads engine. It took a lot of time and effort to re-engineer because the mobile platforms restrict client apps from background execution time, and encrypting data on the client-side before uploading takes quite a bit of execution time. When a user installs a MEGAapp on their mobile with 2,000 photos, they expect those 2,000 photos to get uploaded. So, we had to put in quite a bit of engineering effort to navigate around the very restrictive landscape, but we managed to do so in a way that I think surpasses our competition. This is a very powerful use case like the NAS example because mobile phones get lost, and MEGA provides a viable, secure alternative.
What steps can users take to keep their data secure?
There are several things users can do to keep their credentials and data secure, especially in password hygiene. Unfortunately, we still see many large services experiencing security breaches with users’ credentials extracted and shared on the dark web. Users recycling these passwords or using weak passwords leave themselves open to attacks.
MEGA’s encryption provides significant security, and while we have our own mechanisms in place to protect against rogue attacks, it’s essential for users to select solid secure passwords. However, it can be difficult to remember a secure password, especially across 50 or 100 Internet services, so you need to use a password manager. There needs to be more discipline among the Internet population to adhere to certain basic security principles. So, don’t choose a password that is too simple, or you may be subject to credential stuffing and don’t choose a complicated password without storing it somewhere safe.
How has MEGA helped educational institutions operate since the onset of COVID-19?
At the beginning of COVID-19, we saw user registration jump considerably, by around 70%. There was a strong need for our service, which was great, but we saw the whole paradigm changing, and I, as someone with a child in school, felt that we should do what we could to help. To date, we have supplied free MEGA access to thousands of educational institutions and storing many petabytes of their combined data.