The growing number of personal computing devices, ranging from smartphones to desktop computers, together with the ever-expanding amount of personal data, creates the need to have this data accessible at all times on many different devices. Additionally, any data or changes made on one device should be reflected on all other devices used by that person.
While the data is stored locally on one of these devices, stored remotely on a storage hub, or in transit, strong encryption should assure the highest possible level of confidentiality without the need to trust any involved third party (e.g., the storage or network provider). This should also include any metadata used for managing, synchronizing or sharing this data between devices.
Furthermore, one should be able to detect and recover from unauthorized modifications or the destruction of the personal data.
Besides having all personal data on all devices, it is desirable to also temporarily share a dedicated subset of the data with other individuals. These individuals should be able to access the data but, at the same time, be unable to modify it, while all protective aspects are maintained.
Known synchronization solutions are mostly an integrated part of different products, thus providing access to the product's data on several devices. The synchronization itself typically uses a simple metadata comparison in order to identify the most up-to-date version of a single synchronized data entity. Other solutions are based on file system synchronization, where the metadata consists solely of the typical file system information, such as name and modification date. This approach is used, e.g., by products such as rsync.
Other solutions store the managing data as an additional data entity and are therefore able to use a more detailed set of metadata to provide better and more stable synchronization, including information about entity version, history and conflict handling. This single managing data entity has to be read upon each synchronization cycle in order to decide which data entities have to be synchronized.
Depending on the synchronization service or storage provider, the communication channel might be encrypted. Nevertheless, the locally and remotely stored data entities are still kept unencrypted in the known solutions.
Several solutions also provide a means to share a subset of the data with other individuals. Any access and modification restrictions, however, rely solely on the technical capabilities of the service or storage provider. Such a service is provided, e.g., by DROPBOX™.
Due to increasing privacy concerns, additional solutions have recently evolved that provide data encryption on top of the aforementioned synchronization solutions. Basic synchronization algorithms handle the data entities as opaque binary objects with associated metadata used for the synchronization. In special cases, the single managing data entity is itself also encrypted, but it must still be read completely and then decrypted in order to perform a synchronization cycle. This technology is used, e.g., by DEVONTHINK™ and SYNCANY™.
If sharing is not part of the solution, a symmetric encryption algorithm is typically used for protecting the data. A global master key, either derived or randomly chosen, protects the entity keys that are used for the actual encryption of the data entities. For a solution with sharing support, mostly a hybrid encryption concept is used, wherein the entities themselves are encrypted using a symmetric encryption algorithm and the randomly chosen entity key is protected with the public key of an asymmetric encryption algorithm for each identity to which access should be granted. This sharing technology is used, e.g., by Boxcryptor.
All known solutions, however, suffer from a number of drawbacks:
Most synchronization solutions do not provide any kind of data-level encryption. In the best case, encryption is provided solely on the communication channel, whereas the data is stored in unencrypted form. Thus, the user is required to fully trust the synchronizing storage provider. The same applies to known sharing functionality, as the access limitations depend on the technical capabilities of a provider and its correct implementation.
Some solutions with data content encryption do not comprise any modification protection. This allows for undetected manipulation of encrypted data, with a success probability that depends on the actual protection scheme used. Most critical is the commonly unprotected metadata used for managing the synchronization. While leaving it unprotected allows for unhindered, efficient synchronization operations, it also enables several kinds of manipulation, including the undetected reinsertion of already outdated content, permanent data destruction, or fatal disruption of the synchronization state.
Using a single encrypted data entity to hold the relevant metadata protects against several of these manipulation techniques. But with elapsing time and a growing number of data entities to synchronize, the managing entity grows up to a point where a synchronization cycle takes too long to be usable. Additionally, a single entity is also a single point of failure: it can be destroyed, or an outdated version of it can be reinserted.
Encryption solutions that provide sharing, as proposed by U.S. Pat. No. 8,589,680 B2, make use of asymmetric encryption algorithms (public-private key pairs) to grant access to data to specific individuals, identified by their public key. The data entity encryption key is protected with the public key of each individual who should have access. But either no further validation and protection mechanism is used at all, or the mechanisms in place would allow any known user to digitally sign a newly created data entity. This enables such individuals to also change the data in question, or to recreate new data, without detection. Thus, a read-only sharing solution is not realizable.
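The following Go program is an added illustration of the two preceding points; it is not part of this application, of the cited patent, or of any of the products named above. It implements a hybrid scheme of the kind described (a random AES-256-GCM entity key, wrapped with RSA-OAEP for each recipient), shows that a recipient who holds the entity key can re-encrypt modified content that a key-only check accepts without complaint, and shows how a signature by the owner over the ciphertext together with a version number detects both that forgery and the reinsertion of an outdated entity. All names (Entity, Publish, Read, Scenario, the recipient "bob", the invoice strings), the use of Ed25519 for the owner signature and the constructed sample data are assumptions made for this example only.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Entity is one synchronized item as it is stored at the (untrusted) provider.
type Entity struct {
	Version    uint64            // plaintext synchronization metadata, covered by the signature
	Nonce      []byte            // AES-GCM nonce
	Ciphertext []byte            // AES-256-GCM over the content
	WrappedKey map[string][]byte // entity key under each recipient's RSA public key (OAEP)
	Signature  []byte            // owner's Ed25519 signature over Version || Nonce || Ciphertext
}

func check(err error) {
	if err != nil {
		panic(err) // only broken randomness or key generation can end up here
	}
}

func signedBytes(e *Entity) []byte { // fixed layout: 8-byte version, 12-byte nonce, ciphertext
	msg := make([]byte, 8)
	binary.BigEndian.PutUint64(msg, e.Version)
	return append(append(msg, e.Nonce...), e.Ciphertext...)
}

func aead(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key) // keys are always 32 bytes here, so neither call can fail
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

func seal(key, plaintext []byte) (nonce, ct []byte) { // AES-256-GCM with a fresh random nonce
	nonce = make([]byte, 12)
	_, err := rand.Read(nonce)
	check(err)
	return nonce, aead(key).Seal(nil, nonce, plaintext, nil)
}

// Publish: fresh entity key, content sealed under it, key wrapped per recipient, all of it signed.
func Publish(owner ed25519.PrivateKey, version uint64, content []byte, recipients map[string]*rsa.PublicKey) *Entity {
	entityKey := make([]byte, 32)
	_, err := rand.Read(entityKey)
	check(err)
	nonce, ct := seal(entityKey, content)
	e := &Entity{Version: version, Nonce: nonce, Ciphertext: ct, WrappedKey: map[string][]byte{}}
	for name, pub := range recipients {
		e.WrappedKey[name], err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, entityKey, nil)
		check(err)
	}
	e.Signature = ed25519.Sign(owner, signedBytes(e))
	return e
}

// Read adds what the key-only schemes above lack: the owner's signature (a recipient cannot forge
// it, so sharing is read-only) and a monotonic version (a reinserted outdated entity is rejected).
func Read(ownerPub ed25519.PublicKey, lastSeen uint64, name string, priv *rsa.PrivateKey, e *Entity) ([]byte, error) {
	if !ed25519.Verify(ownerPub, signedBytes(e), e.Signature) || e.Version < lastSeen {
		return nil, errors.New("rejected: not signed by the owner, or older than the last synchronized version")
	}
	entityKey, err := rsa.DecryptOAEP(sha256.New(), nil, priv, e.WrappedKey[name], nil)
	if err != nil {
		return nil, err
	}
	return aead(entityKey).Open(nil, e.Nonce, e.Ciphertext, nil)
}

// Scenario (constructed data): owner shares v1 read-only with Bob; Bob forges; provider reinserts v1 after v2.
func Scenario() (honest, keyOnly string, forgeryCaught, rollbackCaught bool) {
	ownerPub, ownerPriv, err := ed25519.GenerateKey(rand.Reader)
	check(err)
	bob, err := rsa.GenerateKey(rand.Reader, 2048)
	check(err)
	v1 := Publish(ownerPriv, 1, []byte("invoice: pay 100"), map[string]*rsa.PublicKey{"bob": &bob.PublicKey})
	pt, err := Read(ownerPub, 0, "bob", bob, v1)
	check(err)
	bobKey, err := rsa.DecryptOAEP(sha256.New(), nil, bob, v1.WrappedKey["bob"], nil)
	check(err)
	forged := *v1 // owner's signature copied unchanged, content replaced
	forged.Nonce, forged.Ciphertext = seal(bobKey, []byte("invoice: pay 1000000"))
	fake, err := aead(bobKey).Open(nil, forged.Nonce, forged.Ciphertext, nil) // key-only check: accepted
	check(err)
	_, forgeryErr := Read(ownerPub, 1, "bob", bob, &forged)
	_, rollbackErr := Read(ownerPub, 2, "bob", bob, v1) // version 2 already synchronized
	return string(pt), string(fake), forgeryErr != nil, rollbackErr != nil
}

func main() {
	fmt.Println(Scenario())
}
```

Scenario returns the honest read, the content the key-only check accepts from Bob's forgery, and whether Read rejected the forgery and the rollback. The GCM tag is computed under the entity key, so it proves nothing about authorship; only the owner's signature does, and because Bob never holds the owner's signing key, his access is read-only. Two caveats: the signature here does not cover the wrapped keys (the provider could delete a recipient's wrapped key and deny access, though not forge or disclose content; covering them needs a canonical ordering of the map), and the version check only works if each device persists the highest version it has synchronized.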
US patent application publication US 2013/0283060 A1 proposes a way of privately sharing encrypted data that is stored remotely from the owner of the data. A request to share the privately encrypted data with a set of authorized persons may be received. A private encryption key may be received, where the private encryption key is managed by the owner of the data.
In summary, none of the above-discussed solutions is designed to provide an efficient synchronization mechanism that supports read-only access while providing security by fully encrypting the data entities.
It is therefore the technical problem underlying the present invention to provide an improved way of efficiently synchronizing encrypted data between devices. A further objective addressed by aspects of the present invention is that some of the devices shall only be allowed read-only access to shared data.