End-to-end encryption for secure, zero-knowledge file sync & share
2018-12-27, 17:00–17:45 (Europe/Berlin), OIO lecture arena
Language: English

In this talk I'll detail the Nextcloud End-to-end Encryption design, going through the steps of creating the private/public key pair, encrypting and syncing it, encrypting files and uploading them, adding devices to the trusted circle and so on.


Nextcloud's E2EE is designed to protect user data from the server. The goal was to let users sync and share folders (and their contents) as easily as possible without the server ever having the ability to access the data. That rules out a web interface and has other limitations, but that's the price for knowing your server can't spy on you. It isn't and was never meant for ALL your data, as you should use a solution purely focused on E2EE instead! The nice features of Nextcloud, from online document editing to public sharing, will work on all your files except those you put in E2EE folders.

The talk is reasonably technical - it doesn't delve in to code or algorithms but sticks to the general design and flow of data: how do we create and share public keys, how do we get the private key on another device without the server being able to access it, how do we encrypt files and share them and so on.

People person, technology enthusiast and all-things-open evangelist. Doing marketing at Nextcloud, previously Community Manager at ownCloud and SUSE, recovering business consultant with decade long involvement in the KDE community. Enjoys avoiding traffic and public transport on bike through Berlin, but only when the weather is good. Loves cooking for friends and family and playing with the dog.

This speaker also appears in: