What is the differences in encryption in the free cloud services Mega, Google Drive or OneDrive

We are looking into free cloud service and found some differnece, but the most interesting is the encryption of each:  2048-bit private/public (mega), SSL/TLS only (goggle), SSL only (OneDrive) and Secure Sockets Layer (SSL) / AES-256 bit (DropBox).

What is the differences between them?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Kanti PrasadCommented:

The Key is
     1. Strong Password Enforcement      
     2. Email Verification Requirement
     3. Two -Step Verification      
     4. Client Side Encryption
     5. Using Secured Connection      
     6. Asking Security Question

Google Drive covers most of the security features except encryption.
Microsoft OneDrive and Dropbox come then
Mega provides a complex security feature like encryption, but it does not have two-step verification.
Copy will be more secure with two-step verification, strong password enforcement and other innovative security features.

rayluvsAuthor Commented:
Thanx for the info.  But what is the difference between the encryption each uses:

2048-bit private/public (mega)
SSL/TLS only (goggle)
SSL only (OneDrive) and
SSL / AES-256 bit (DropBox).
Kanti PrasadCommented:

SSL and TLS are the workhorses that provide the majority of security in the transmission of data over the Internet today. The variable level of security is the “cipher” or “encryption technique”.  

The 2048-bit is about the RSA key pair , The 256-bit is about SSL ( Secure Socket Layer). This "hybrid encryption" is done because RSA is not appropriate for bulk encryption, but symmetric encryption cannot do the initial public/private business which is needed to get things started.

2048 bit RSA key is something called asymmetric cryptography. It is used for validating identity (signing) and ensuring that only an intended recipient can access the information sent (encryption). It is composed of two pieces, a public key and a private key.

In SSL, the server key is used only to transmit a random 256-bit key (that one does not have mathematical structure, it is just a bunch of bits); roughly speaking, the client generates a random 256-bit key, encrypts it with the server's RSA public key (the one which is in the server's certificate and is a "2048-bit key"), and sends the result to the server. The server uses its private RSA key to reverse the operation, and thus obtain the 256-bit key chosen by the client. Afterwards, client and server use the 256-bit to do symmetric encryption and integrity checks, and RSA is not used any further for that connection.

(Transport Layer Security)TLS/SSL authenticates and secures data transfers by using certificate-based authentication and symmetric encryption keys. IT can be divided into two layers. The first layer consists of the application protocol and the three Handshake sub-protocols: the Handshake Protocol, the Change Cipher Spec Protocol, and the Alert Protocol. The second layer is the Record Protocol.

Please see the TLS/SSL Message Sequence Overview in the below link to under it better.


AES, the Advanced Encryption Standard, is a relatively new encryption technique/cipher that is the successor of DES. This is used in symmetric key cryptography. Any security-conscious organizations actually require that their employees use AES-256 (256-bit AES) for all communications.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

rayluvsAuthor Commented:
Good info!

Ok prior closing the question, based on your experience which is the most secure and the least secure of the for (4):

2048-bit private/public (mega)
SSL/TLS only (goggle)
SSL only (OneDrive) and
SSL / AES-256 bit (DropBox)
Kanti PrasadCommented:

Mega would be better on Security and the below link will give you some idea on other comparisons.


1. 2048-bit private/public (mega)
2. SSL / AES-256 bit (DropBox)
3. SSL/TLS only (goggle)
4. SSL only (OneDrive) and
rayluvsAuthor Commented:
Ok, ok the other part, which one is the least secure of the four (4)?:

2048-bit private/public (mega)
SSL/TLS only (goggle)
SSL only (OneDrive) and
SSL / AES-256 bit (DropBox)
rayluvsAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.