OneDrive


Feedback by UserVoice

How can we improve the OneDrive Developer Platform?

Stop bypassing EFS encryption and upload Encrypted files as encrypted

When OneDrive uploads a file that has been encrypted with EFS (Encrypted File System), it uploads the unencrypted version of the file. It is obviously inappropriate to upload encrypted files in plaintext ESPECIALLY for a cloud provider.

A simple fix is to respect the EFS encryption of files and use the existing APIs to upload the RAW encrypted data, allowing users to encrypt sensitive files that are still encrypted in transit and at rest on OneDrive servers.

For example, you can use these API calls to get access to the encrypted contents:

The way you open an encrypted file in order to read its raw encrypted contents (e.g. for a backup/restore application) is to use the:

OpenEncryptedFileRaw,
ReadEncryptedFileRaw,
WriteEncryptedFileRaw, and
CloseEncryptedFileRaw

30 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    0 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base