Before version 4.0, Seafile only supports syncing via a self-designed protocol. Every seafile desktop client has a unique private key. When a client and a server connect, they will exchange public key and negotiate a session key. The session key is derived from cryptographically secure random number with PDKDF2 algorithm. And it's exchanged between the client and the server with RSA encryption. This session key will be used to encrypt the data transfer with AES-256/CBC algorithm.
From version 4.0, Seafile supports syncing via HTTPs protocol, which is a more standard approach.
From version 4.1, Seafile uses HTTP syncing protocol by default.
Seafile provides a feature called encrypted library to protect your privacy. The file encryption/decryption is performed in the client-side when using the desktop client for file syncing. The password of an encrypted library is not stored in the server. Even the system admin of the server can't view the file contents.
CAUTION: The client side encryption is not work currently for mobile client, web browser and the cloud file browser of the desktop client. When you browsing encrypted libraries via the mobile client, web browser and the cloud file browser, you will need to input the password. And the server will cache the password in memory for 1 hour. From version 4.1, the server will cache the hash value of the password, not the original password in memory.
When you create an encrypted library, you'll provide a password for it. All the data in that library will be encrypted with the password before uploading to the server.
The encryption procedure is:
- Generate a 32-byte long cryptographically strong random number. This will be used as the file encryption key ("file key").
- Encrypt the file key with the user provided password. We first use PBKDF2 algorithm to derive a key/iv pair from the password, then use AES 256/CBC to encrypt the file key. The result is called the "encrypted file key". This encrypted file key will be sent to and stored on the server. When you need to access the data, you can decrypt the file key from the encrypted file key.
- All file data is encrypted by the file key with AES 256/CBC. We use PBKDF2 algorithm to derive key/iv pair from the file key. After encryption, the data is uploaded to the server.
The above encryption procedure can be executed on the desktop and the mobile client. The Seahub browser client uses a different encryption procedure that happens at the server. Because of this your password will be transferred to the server.
When you sync an encrypted library to the desktop, the client needs to verify your password. When you create the library, a "magic token" is derived from the password and library id. This token is stored with the library on the server side. The client use this token to check whether your password is correct before you sync the library. The magic token is generated by PBKDF2 algorithm with 1000 iterations. So it's safe from brute force attack.
For maximum security, the plain-text password won't be saved on the client side too. The client only saves the key/iv pair derived from the "file key", which is used to decrypt the data. So if you forget the password, you won't be able to recover it or access your data on the server.
Why fileserver delivers every content to everybody knowing the content URL of an unshared private file?
When a file download link is clicked, a random URL is generated for user to access the file from fileserver. This url will be valid for 1 hour to support web browser cache.