E2EE and file sharing

Daniele_Coppola · September 13, 2022, 3:04pm

Hi all, is it possible to share a E2E encrypted file with another user? This feature is often mentioned but I can’t seem to figure out how, hence I believe it might not be implemented yet.

karlemilnikka · September 19, 2022, 4:14pm

Unfortunately, no. The cause of the confusion is that, back in 2020, the marketing page stated that sharing was possible. That feature has, along with many other promoted E2EE features, been retroactively been marked as “roadmap features”.

Here’s what the marketing page said back in 2020: https://web.archive.org/web/20201204235908/https://nextcloud.com/endtoend/.

Here’s what it looks like today: https://nextcloud.com/endtoend/.

The marketing page currently states that the end-to-end encryption solution is under constant development. From what we’ve seen for the past couple of years, it isn’t true. None of “roadmap features” have been implemented since 2020. Some compatibility issues have been fixed, but the app is still way too unreliable and far from production ready. Just check the reviews.

devnull · September 20, 2022, 5:27am

I think there is no feature. The problem is probably that you would need a fairly complex key infrastructure to do this. But you can find this e.g. at Dracoon. The only question is whether the users of the software actually activate it.

You can use e.g. encrypted ZIP files and share them without E2E and you can communicate the password via an alternative way.

for developers
Maybe someone would like to implement the functionality of https://privatebin.info (which is probably also used in a similar form in MEGA) as an app. This would allow you to implement client-side encryption with Javascript and the data would never be stored unencrypted in the Nextcloud. I think this is possible. However, it does not use a key infrastructure and is therefore not comparable with solutions such as Dracoon.

Example Privatebin:
https://privatebin.net/?4cc465bb0bd0531b#6mmbcV2ygVQ6diL3QUerzjAERJjnsZCRBYNVpRCdJa1y

https://privatebin.net/? URL Pastebin service
4cc465bb0bd0531b storage location on the server (data/4c/c4/65bb0bd0531b.php)
# separator (html browser function)
6mmbcV2ygVQ6diL3QUerzjAERJjnsZCRBYNVpRCdJa1y AES-256 not transmitted to the server

Note
Because of security reason end-to-end-encryption of Nextcloud is not available in the Nextcloud webserver GUI. The above idea is is only an extension for secure sharing with third parties and cannot replace End-to-end-encryption (for single users).