Mega launched on Saturday, giving away 50GB of free space to users and claiming tougher security over its predecessor, Megaupload. Since then, there have been reports that Mega’s security isn’t exactly as safe as it claims to be. Mega touts something called User Controlled Encryption (UCE), which is a fancy way of saying that all files stored on Mega’s services are automatically encrypted with 2048-bit RSA encryption.
The problem with this encryption is that it encrypts and decrypts files using the same encryption key. If someone can gain access to that key, they can decrypt all of your files. Another problem with Mega’s encryption implementation is that user specific encryption keys are generated and tied to your account.
This means you can’t change your password and if you ever forget your password, you’ll lose the ability to decrypt your files. A hash of the password used to sign up for the account is included with the confirmation code sent from Mega when a user registers for the service, giving hackers a method of obtaining his or her encryption keys.
Mega also uses keyboard and mouse movements to introduce entropy while generating users pairs of private and public keys. While this sounds very secure, Mega still uses the math.random Javascript to create random numbers, which doesn’t generate the most random numbers. Mega most likely chose to use the Javascript to generate random numbers as it can be run within any modern browser and can be updated easily.
While these are legitimate security concerns, the level of security that Mega offers is good. The biggest issue that Mega needs to address is the inability to change your password and encryption keys. Mega’s encryption is open source, which the company hopes will allow the security community to help develop further.
Sources: Ars Technica and BetaNews
