Guide to Who Holds The Decryption Keys for 16 Cloud and Backup Services

key and cloudAs many people are now learning, simply knowing that something is encrypted is not enough. Encryption, like security, exists on a continuum that runs between safety and convenience, and it's important to know where on that continuum your data – and cloud providers – lie. The largest factor in determining the relative security of your encrypted data is knowing who has access to the decryption keys (i.e. who is able to decrypt it... and when?)

Below are some services commonly-used by Apple users along with who holds those keys:

Apple Services

iCloud Backups - Stored on Apple's servers, encrypted with Apple's keys.
iTunes Backups - Stored on your computer, encrypted with your keys if you choose to do so (but you then might also store those keys in your system keychain).
iMessage - Encrypted with your keys while sending (but backups inherit the key access of the backup method).
iCloud Mail - Stored on Apple's servers, encrypted on Apple's servers with Apple's keys. End-to-end encrypted only if you use optional S/MIME or PGP.
Contacts & Calendars (synced to iCloud) - Stored on Apple's servers, encrypted with Apple's keys.

Third-Party Services

Gmail - Stored on Google's servers, encrypted with Google's keys.
Google Calendar, Contacts, Drive, Docs, Sheets & Slides - Stored on Google's servers, encrypted with Google's keys
Dropbox - Stored on Dropbox's servers, encrypted with Dropbox's keys.
CrashPlan - Three options if storing on Crashplan's servers: CrashPlan's keys, a key of your own that CrashPlan generates, or a key of your own that you generate.
Backblaze - Two options: Backblaze's key or one of your own that you generate. All data stored on BackBlaze's servers.

I've always maintained that data encrypted with providers' keys is "secure until a subpoena." That is, if your cloud provider has the keys they are able to divulge your data if (legally) compelled to do so. On the surface it seems like no one would ever want this, but think about how much convience you enjoy when you allow your providers to hold the decryption keys.

Ever access your iCloud calendar on the web? How about when you restore your iPhone from an iCloud backup? All you do is authenticate with your Apple ID and, magically, your data is decrypted and made available to you. Or how about when you login to Dropbox from a new device and are able to see all your data? Apple and Dropbox encrypt all that data on their servers, but because they have the decryption keys all you have to do is login to your account and you're granted access.

Some services, like CrashPlan or Backblaze, give you a choice as to whose encryption keys you use. If you choose to use the providers' keys in those cases, accessing your data is just like we described above. But if you provide your own key then there's an extra step: after you login to your account you have to provide a long, likely-complex key to access your data. And you have to decide both where you want to store that key and if you even want to provide it over the web to your backup service.

Again, it comes back to where you want to exist on this continuum. If you don't want anyone to have access to your data, don't store it anywhere. But that also means YOU won't have access to your data. If you want access but want to ensure that other people likely will not, then you have to encrypt your data with a key that no one else has and store it in a place you trust, making it difficult — and inconvenient – for others to access your data. But what's inconvenient for them is equally inconvenient for you.

Choose wisely. And informedly.

[article image courtesy Shutterstock]