OneDrive


Feedback by UserVoice

How can we improve the OneDrive Developer Platform?

Stop bypassing EFS encryption and upload Encrypted files as encrypted

When OneDrive uploads a file that has been encrypted with EFS (Encrypted File System), it uploads the unencrypted version of the file. It is obviously inappropriate to upload encrypted files in plaintext ESPECIALLY for a cloud provider.

A simple fix is to respect the EFS encryption of files and use the existing APIs to upload the RAW encrypted data, allowing users to encrypt sensitive files that are still encrypted in transit and at rest on OneDrive servers.

For example, you can use these API calls to get access to the encrypted contents:

The way you open an encrypted file in order to read its raw encrypted contents (e.g. for a backup/restore application) is to use the:

OpenEncryptedFileRaw,
ReadEncryptedFileRaw,
WriteEncryptedFileRaw, and
CloseEncryptedFileRaw

34 votes
Vote
Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

Sign in
(thinking…)
Sign in with: facebook google
Signed in as (Sign out)
Submitting...

Feedback and Knowledge Base