Mega came under criticism over some of its encryption features

Jan 23, 2013 10:32 GMT  ·  By

Mega's high-profile launch was under a lot of scrutiny, for obvious reasons, with many curious to see how the fabled encryption features would work. Mega boasted client-side encryption to ensure total privacy over the uploaded files.

But Mega also made it possible to share those files and didn't require users to actually remember or store any key, things which could mean weaker security.

Critics focused on the fact that encryption keys are stored online, the lack of password recovery options and some of the perceived weak spots in Mega's infrastructure.

The company has now responded to the critics offering a rebuttal to most of the worries. For the most part though Mega agrees with the concerns, but says that these things are clear to users and that most are stated in the FAQ and other info on the site.

For example, the fact that keys are stored online, encrypted with your password. They're useless to anyone with direct access to them, on the Mega servers, but anyone with your password will be able to access all of your files.

Mega stresses that this is even more reason for users to rely on strong passwords and be careful not to disclose/lose them.

The site also promised that there would be a password change feature and a way to regain access to your account, though not all of your files. A password change feature will re-encrypt all of your files and will be used in the future.

Since all the files are encrypted with keys based on your password, if you lose it, those files become useless. Mega will make it possible to regain access to your account, presumably via the verified email address, but all you'll get is the encrypted files. If you have the keys stored or shared with others, you'll be able to decrypt them, otherwise you're stuck with useless blocks of data.

Mega also touched on its key generation feature. The master encryption key is generated using the JavaScript math.random() method which, like all other computer-based random number generators isn't truly random.

This is why entropy is also used, in this case the motion of your mouse or the timing of keystrokes. Mega promises to make this part clearer to users and enable them to "provide" the entropy data before the key is generated.

Finally, Mega explained its use of deduplication, the practice of only keeping one copy of a file even if more people upload it. This is how Dropbox is able to make efficient use of its cloud storage. But this also means that the company has access to all of the files.

Mega uses deduplication, but only for the encrypted files, which will only be identical if the source files are identical and the same key is used. That's only the case if the same file is uploaded by the same user and also when sharing files with other users.