I doubt, the free version with unencrypted file name is useless and misleading for encryption.

ccchan

I just think that in my google drive + free ver of boxcryptor,
my files like Boxcryptor_v2.24.747_Setup.msi.bc is shown to google and NSA.

I doubt NSA could simply get this Boxcryptor_v2.24.747_Setup.msi.bc and
compare to Boxcryptor_v2.24.747_Setup.msi by binary, and will know my key.

If this is the case, the free version is essential with NO protection,
as a single-web-download-file-unmodified-filename is a killer.
The free version is just for testing.

And... I don't know how to transfer to the paid version,
as for me, google drive already have a copy of Boxcryptor_v2.24.747_Setup.msi.bc,
NSA could like up in the database IF they want. They could now easily calculate my key I think?

encryption with close source software is really interesting.

Thanks

ccchan

an expert from another competitor say the chance is low for AES, however.

"You describe a known-plaintext attack

As far as I know there is no confirmed, successful known plaintext attack against AES. And you can not calculate the key from it.
So my answer is: no
If you are interested in “why” AES is resistant to this attack, you may read more about differential cryptanalysis"

Christian

Hello ccchan,

let me help clear things up a little bit ;-). For our crypto nerds: I'm going to simplify things a little here, since details in crypto can be quite technical.

What you describe is indeed a Known-Plaintext attack. This attack, however, is not applicable to AES in the mode that we're using it. It is mainly of concern when AES is used in some stream-cipher mode (while we are using AES in block-chaining mode).

Just think about it: If knowing the plaintext of an encrypted file would help you to recover the encryption key, than normal file encryption would be all but impossible. Just think about files like desktop.ini on Windows, which is often created and very deterministic. Or take into consideration the fact that many files do always start with the same bytes due to their format. Or your very own example of the downloaded file.

That means that any encryption solution worth its salt will not be vulnerable to a simple Known- or Chosen-Plaintext attack. Of course this also applies to Boxcryptor.

In regards to our encryption mechanism: We explain how our encryption works in detail here: https://www.boxcryptor.com/en/technical-overview/. So you as well as any encryption expert can verify that our encryption is indeed secure.

Best regards,
Christian