Jungle Disk Encryption
I’ve posted several times on the Jungle Disk Forums regarding the encryption done by Jungle Disk. A FAQ will be forthcoming for the website in the future, but in the meantime I thought it was worth going into more detail about how Jungle Disk encrypts your data here.
By default Jungle Disk encrypts files that are stored on S3 prior to uploading them using 256-bit AES. AES is one of the most studied and most secure ciphers available today, and 256-bit keys are the largest and most secure it supports. Jungle Disk uses a unique key for each file, and constructs the key using an HMAC that helps protect against certain attacks. Code that demonstrates how data is encrypted/decrypted is available for download on the Jungle Disk Download page under the GPL license.
You have several options for controlling your encryption key. The first option is to use your AWS Secret Key to derive the file encryption keys. This helps make the encryption as seamless as possible and protects users from losing their data due to forgetting a key, since the key can be recovered from Amazon. If you prefer, you can instead specify a custom encryption key. Note that if you forget your key there is no way to retrieve it or your data.
You can also change your encryption key at any time. When changing your key, only newly uploaded files are encrypted with the new key. Existing files are not re-encrypted, as that would require downloading and reuploading all of them. To enable you to access files encrypted with other keys, Jungle Disk allows you to specify a list of previous decryption keys to use. Jungle Disk adds a special metadata header to each file when it is uploaded. The header contains a salt value and a one-way hash of the salted key. This allows Jungle Disk to determine the correct key to use to decrypt the file. Note that without the decryption keys the header is of no use, and you cannot even tell which files are encrypted with which keys unless you possess the keys.
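The key-selection header described above can be sketched as follows. This is an added example, not Jungle Disk's own code: the post does not name the hash, the salt size or the header layout, so SHA-256 over salt-then-key, a 16-byte salt, the field names and the function names are all assumptions, and the keys are constructed sample values.

```python
import hashlib
import hmac
import os
from typing import List, Optional

SALT_LEN = 16  # assumption: the post does not state the salt size


def make_key_header(key: bytes, salt: Optional[bytes] = None) -> dict:
    """Build the per-file header: a salt plus a one-way hash of the salted key."""
    if salt is None:
        salt = os.urandom(SALT_LEN)  # fresh salt for every uploaded file
    # Assumption: SHA-256 over salt || key; the post names neither hash nor layout.
    digest = hashlib.sha256(salt + key).hexdigest()
    return {"salt": salt.hex(), "key_hash": digest}


def select_key(header: dict, candidate_keys: List[bytes]) -> Optional[bytes]:
    """Return the current or previous key that matches the header, else None."""
    try:
        salt = bytes.fromhex(header["salt"])
        expected = header["key_hash"]
    except (KeyError, ValueError, TypeError):
        return None  # malformed or missing header: no key can be selected
    for key in candidate_keys:
        digest = hashlib.sha256(salt + key).hexdigest()
        # Constant-time comparison avoids leaking how many characters matched.
        if hmac.compare_digest(digest, expected):
            return key
    return None


if __name__ == "__main__":
    old_key = b"constructed-old-key"      # constructed sample values
    current_key = b"constructed-new-key"

    header_a = make_key_header(old_key)   # file uploaded before the key change
    header_b = make_key_header(old_key)   # second file under the same key

    # The client tries the current key first, then the list of previous keys.
    print(select_key(header_a, [current_key, old_key]) == old_key)  # True
    print(select_key(header_a, [current_key]))                      # None
    # Same key, different salts: the stored hashes do not match each other.
    print(header_a["key_hash"] != header_b["key_hash"])             # True
```

Because each file gets its own salt, two files encrypted under the same key store different hash values, which is why someone without the keys cannot tell which files share a key.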
Finally, a few words on things that are not encrypted. Files cached locally on your machine by Jungle Disk are not encrypted. Since they are accessible to any local user already via WebDAV, encrypting them on disk doesn’t make sense and adds unnecessary overhead. A menu option is available that allows you to clear your cache contents at any time. File names and paths are encoded, but not encrypted. However, if you enable SSL, they will be encrypted while “over the wire” between your machine and the Amazon data center.


