How Proton Drive downloads your files without breaking encryption

Whenever we develop a service, our goal is to make sure it does not leak or expose any of your information at any time to anyone, including ourselves. This is a radically different approach from most Big Tech offerings, where data collection is the true purpose of the service. It also means we often have to create entirely new frameworks to handle what otherwise might seem like a simple function.

In this article, we explain how Proton Drive downloads your files so that you receive them quickly while making sure your information remains private and encrypted, even from us.

How downloading files normally works

Before we can explain how Proton Drive downloads your files, we’ll need to look at how most cloud storage services download files. 

In the early days of the internet, servers handled the vast majority of the “work” (data processing, encryption, etc.), and web apps did relatively little beyond relaying information to the user. 

As the internet developed, applications became more complex and handled more of the processing themselves on the user’s devices. While this allows for more functionality, it comes with a downside. Instead of being able to use the massive amounts of memory and computational power of a server in a data center, the application is bound by the amount of memory, features, and computational power of the device it’s running on.

Current app development is a balancing act between what tasks the server will handle and what tasks the client (or app) will handle. 

This brings us to cloud storage. The simplest way to fetch an encrypted file is to:

  1. Have the frontend client, such as your browser, initiate a request and have the backend server deal with it. 
  2. The backend server finds the files, creates an archive (if needed), and sends everything back to your browser as a file download. 

In this example, your cloud storage service’s backend server does most of the work. Your browser simply receives the file.

This system, while efficient and direct, requires the server to be able to decrypt your files. This simply does not meet Proton’s standard for privacy. 

Proton Drive decrypts files locally and doesn’t have access to your data

Our focus on privacy means we do not want any unencrypted data sent to our servers. Consequently, we have our client handle computational work that other cloud storage services can delegate to their centralized servers.

As a result, the way Proton Drive fetches files looks more complex. If the file being downloaded is small, a download on Proton Drive uses the following process:

  1. The frontend client (your browser) initiates the request.
  2. Proton Drive fetches all the related data and sends it in an encrypted state to your browser.
  3. Your browser (the client) decrypts the data, buffers it in memory, and creates an archive that’s then sent out as a classic download.  

This way, the Proton server never interacts with unencrypted data or the unencrypted keys that would allow us to decrypt your data. Your client (your browser) handles this entire process. This solution is fast, robust, and straightforward, and the user experience is nearly the same as a standard download.

While this file fetch system works, it is not scalable. We only do this with small files because the size of the file you can download is constrained by the device’s memory, which can vary from device to device. If you’re trying to download 10 GB of files on a device that only has 8 GB of memory, it will simply not work.

Proton Drive “streams” encrypted data to avoid memory constraints

If you want to download a large file (or a lot of files at once), Proton Drive uses another approach: a streaming solution built on service workers, which are a type of web worker. A web worker is a browser technology for doing work in the background; it lets the browser do heavy data processing without freezing or locking up the page.

A service worker is a special type of web worker that also runs in the background, but it has an important ability: it can act as a proxy, essentially a “middle” layer that can be used for caching. As discussed earlier, a browser can’t create and download a stream without storing the entire file in its device’s memory. Using service workers allows us to work around this limitation. The process of downloading a large encrypted file (or many encrypted files at once) from Proton Drive looks like the following:

  1. The client (your browser) initiates the request.
  2. Proton Drive fetches all the related data and sends it in an encrypted state to a web worker on your browser.
  3. The web worker receives each chunk of data, decrypts it, verifies the signature on the file(s), creates an archive (if there are multiple files), and passes it along as a stream to a service worker. At no point is the entire download assembled or buffered, so it doesn’t matter how much memory your device has.
  4. The data then passes through the service worker in a streaming fashion and is sent to your browser as a standard download.  

This process is clearly more complex than normal file downloads, but we have done this extra engineering because we’re committed to your privacy. The use of encrypted data streams is an additional complexity, but an important one because it allows Proton Drive to handle much larger files than most other end-to-end encrypted cloud storage solutions. In fact, the only limit on the size of your download is the amount of storage that comes with your Proton Drive plan (and, of course, your device’s storage capacity).

This system led to a longer development time for Proton Drive, but it enables a more seamless user experience, with the download experience being virtually indistinguishable from unencrypted cloud storage services. 

Taking security to the next level with digital signatures

With Proton Drive, we don’t just encrypt your data — we also sign it. We use several signatures to protect our users from possible man-in-the-middle (MITM) attacks, including attacks by us. These signatures prove that the data has not been altered, intercepted, or replaced. Checking those signatures on the fly is part of the streaming download process as well.

If we discover an issue, such as a missing or incorrect signature (which could mean the file is corrupted, or is a sign that it has been tampered with), we’ll pause the download and show you a pop-up dialog that asks whether you want to continue.

Proton Drive – Better cloud storage for a better internet

As you can see, Proton Drive does not simply use the same technology as standard cloud storage services. Our focus on making sure you remain in control of your data at every step while also wanting to deliver seamless, fast service means we must build our own process from the ground up. This can make development tricky, but it’s what is necessary to build the world’s most secure and private cloud storage.

As always, we welcome your comments and suggestions on Facebook, Twitter, or Reddit.
