Security Considerations when Storing Documents with TrueCrypt in Dropbox

dropbox encryption security

I am considering moving my default documents folder to Dropbox. These also contain scanned letters and important information relating to contracts, bills, and so on. I will encrypt those with TrueCrypt.

Are there any other security implications I need to take into account? If my Dropbox is compromised, how secure will the encrypted documents be (provided they don't know the password)? Are they safe? Is there anything I could do to further increase their security?

I heard that TrueCrypt can have both a password and a 'key file'. Both would be required to unlock the store. I could keep this file on my computer, and on a portable key, and not on Dropbox. Is this possible? I imagine it would massively increase the security.

Basically: What should I take into account when encrypting my documents, what settings, should I use a key file, how secure is the encryption should my Dropbox be compromised?

Best Answer

Yes - assume Dropbox is an open, insecure system. What would you normally do with your data on an insecure system?

If you have very sensitive data, you will want to use strong encryption. One of the upsides with TrueCrypt or similar is that the passphrase/key/whatever never needs to be visible to Dropbox, which means that an attacker can't do anything useful with your encrypted data unless they also compromise your home machine.

You can use a key file if you want - but to be honest, using a long passphrase can secure the data to a level which requires an unfeasible timespan to break so it should be all you would need.

Once the encryption is above a certain amount, an attacker is forced to use the xkcd approach

(Admittedly the thresholds vary dramatically depending on what data you have, what kind of a target you are, what threat actors want to attack you etc., but if you use TrueCrypt with a currently approved strong encryption algorithm such as AES, with a passphrase of 20 characters, you will be well protected from a brute force attack on your encrypted data on Dropbox.)
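
A rough way to sanity-check the 20-character figure above, as an added example that is not part of the original answer. It assumes the passphrase is chosen uniformly at random from the stated character set, and the guess rate used in the demo (10^12 per second) is a hypothetical value chosen to favour the attacker.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Character-set sizes for passphrases chosen uniformly at random.
# Assumption: a human-chosen phrase has far less entropy than these imply.
CHARSETS = {"digits": 10, "lowercase": 26, "alnum": 62, "printable_ascii": 95}


def entropy_bits(length, charset_size):
    """Entropy in bits of `length` symbols drawn uniformly at random."""
    return length * math.log2(charset_size)


def expected_years(length, charset_size, guesses_per_second):
    """Expected years of offline guessing: half the keyspace on average."""
    keyspace = charset_size ** length
    return keyspace / 2 / guesses_per_second / SECONDS_PER_YEAR


def min_length(charset_size, guesses_per_second, target_years):
    """Shortest random passphrase whose expected search time meets the target."""
    length = 1
    while expected_years(length, charset_size, guesses_per_second) < target_years:
        length += 1
    return length


def compare(length, guesses_per_second):
    """Return (charset, bits, years) rows for one passphrase length."""
    return [
        (name, entropy_bits(length, size),
         expected_years(length, size, guesses_per_second))
        for name, size in CHARSETS.items()
    ]


if __name__ == "__main__":
    RATE = 1e12  # hypothetical attacker guess rate, guesses per second
    for name, bits, years in compare(20, RATE):
        print(f"{name:16s} {bits:6.1f} bits  ~{years:.2e} years")
    print("min printable-ASCII length for 1e6 years:",
          min_length(CHARSETS["printable_ascii"], RATE, 1e6))
```

The estimate covers only exhaustive search of a random passphrase; a dictionary word or reused password falls far sooner than these figures, whatever its length.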
