What is GroupEncrypt?
This is a web app that runs on a browser. It encrypts and decrypts files using public-key cryptography from the NaCl suite. This way, you can be sure the File Sharing service hosting your files cannot see their content (most would, otherwise). GroupEncrypt is designed to be very easy to use.
How do I use it?
- Load the app by typing its URL on your browser. Open your File Sharing service on a separate tab. Also open Explorer, Finder, or the file manager of your choice and resize the windows so it is easy to drag and drop files from this to the browser.
- Type your Password in the app. If accepted, the file drop area will be revealed.
- To encrypt local files to a folder in the File Sharing service, go to the shared folder in the service and download its encrypted Folder Key. Drag this from Downloads to the app's drop area to load the Folder Key. Now drag the files to be encrypted to the drop area. They will be encrypted and saved to Downloads. Upload these to the service.
- To decrypt files from the File Sharing service, download the encrypted files and the encrypted Folder Key. Drag the Folder Key from Downloads to the drop area. Now drag the encrypted files to the drop area. They will be decrypted and saved to Downloads.
But I heard encryption was hard to use...
Its math is very complicated, but GroupEncrypt makes it easy for the regular user by moving all the difficult tasks to a group Administrator, who enrolls and removes users and maintains file access to the shared folders. Regular users only need to remember their Password, which they never need to change, and to get good at the process described above.
Tell me more about the Administrator
GroupEncrypt is meant to be used by a relatively small group of team members, up to 255 of them at a time. One of them, acting as Administrator, collects the members' public keys (displayed on the app the first time they enter their Password) and writes them in a special text file that is downloaded with the app. He/she also makes and updates the Folder Keys for each shared folder, taking into account which members should have access to the contents of each folder. The Administrator has a special password for changing settings on the app server.
But there are File Sharing services that do this already...
Oh, do they, really? Mega.nz, Sync.com, DropSecure, and some others advertise "zero-knowledge" encryption of the files shared through their servers, but you the user have no way to make sure that this is true. Some actions, such as adding or removing access to other users for files already encrypted, cannot be done with "zero knowledge" except on the client. How do they do it? You don't know, because the code you can see is obfuscated or minified, and there is a whole lot more code that runs on the server and you cannot see. With GroupEncrypt, you see all the running code, all the time. You don't even have to be connected to the Internet because everything is done client-wise, as it should be.