Mega's Client-Side Encryption Key Is Actually Stored Online
Less secure than it could have been, but more convenient
One of the more interesting things about Mega, Kim Dotcom's just-launched cloud storage service, is the client-side encryption. It's been one of the most touted features at the core of the service. Yet, despite all the hype, Mega doesn't make it all that clear how its encryption works. That may or may not be a conscious effort, but based on first impressions, it seems that Mega's encryption could do with some improvements and is not as secure as it could be.
Mega boasts that all of your files are encrypted client-side, meaning they can only be read by you and whoever else has the encryption key for that particular file.
Mega doesn't have that key, so it can't know what you store on the service, which is a great way to waive responsibility for what people upload and share.
The files themselves are encrypted with the widely used AES-128 cipher, a symmetric scheme in which the same key is used to encrypt and decrypt them.
So you may be wondering how this can work. Well, the truth is that the encryption key for all your files is actually stored in the cloud. The key itself is encrypted using your password, as Ars Technica explains.
This means that Mega can't know what it is, but it also means that your account and all of your files are only as safe as your password is. All anyone has to do to get access to everything is get your password.
Granted, your account could be made more secure with something like two-step authentication, for a start, but, for now, the password is all you get. There's no password recovery method yet either, which means that if you forget your password, you won't be able to regain access to your account or, crucially, your files.
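The scheme described above (a file key kept in the cloud, encrypted under the password) can be sketched as follows. This is an added example, not Mega's code: the article does not say how the key is derived from the password, so PBKDF2, the iteration count and the HMAC-based wrapper standing in for AES are all assumptions, as are the function names.

```python
import hashlib, hmac, os

ITERATIONS = 100_000  # assumed work factor; the article does not state Mega's

def _derive(password: str, salt: bytes) -> tuple[bytes, bytes]:
    """Stretch the password into a wrapping key and a separate MAC key."""
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, dklen=64)
    return k[:32], k[32:]

def _keystream(enc_key: bytes, salt: bytes, n: int) -> bytes:
    # Stand-in for AES (the stdlib has none): one-time pad from HMAC, max 32 bytes.
    return hmac.new(enc_key, b"wrap" + salt, hashlib.sha256).digest()[:n]

def wrap_master_key(password: str, master_key: bytes) -> dict:
    """Client side: build the record that gets uploaded. No password in it."""
    if len(master_key) > 32:
        raise ValueError("this sketch wraps keys of at most 32 bytes")
    salt = os.urandom(16)  # fresh salt means a fresh keystream per wrap
    enc_key, mac_key = _derive(password, salt)
    stream = _keystream(enc_key, salt, len(master_key))
    ct = bytes(a ^ b for a, b in zip(master_key, stream))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return {"salt": salt, "ct": ct, "tag": tag}

def unwrap_master_key(password: str, record: dict) -> bytes:
    """Client side after login: recover the master key from the stored record."""
    enc_key, mac_key = _derive(password, record["salt"])
    expected = hmac.new(mac_key, record["salt"] + record["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, record["tag"]):
        raise ValueError("wrong password or tampered record")
    stream = _keystream(enc_key, record["salt"], len(record["ct"]))
    return bytes(a ^ b for a, b in zip(record["ct"], stream))

def change_password(old: str, new: str, record: dict) -> dict:
    """Re-wrap the same master key; files encrypted under it stay untouched."""
    return wrap_master_key(new, unwrap_master_key(old, record))

if __name__ == "__main__":
    master_key = os.urandom(16)  # constructed 128-bit key, matching AES-128
    stored = wrap_master_key("correct horse battery", master_key)
    assert unwrap_master_key("correct horse battery", stored) == master_key
    try:
        unwrap_master_key("forgotten", stored)
    except ValueError as err:
        print("no recovery path:", err)
```

Everything the server holds is in the returned record, so the password's strength and the cost of the derivation step are the only things protecting the master key, and a forgotten password leaves no way to unwrap it.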
UPDATE: Mega has explained some of its practices and rebutted some of the claims; you can find out more here.