Dotcom’s New MEGA Storage

New Zealander Kim Dotcom, that large gadfly who is still facing extradition to the US for alleged “piracy” of American entertainment (see the WSJ story) has launched his new—and improved—cloud file storage service, MEGA. Apparently the “improvements” involve a requirement that you use a browser to upload and download to the service and the provision for your browser of an encryption key that only you (i.e. your browser) control. This is Dotcom’s way of being able to say to prying industry or governmental eyes that MEGA does not know what you’re using his site for because it cannot know, given the essentially unbreakable encryption you’re using. Should you wish to give another person access to a file in your MEGA account you can do so by sending them, under separate cover as it were, a key to gain access to the file, effectively shutting MEGA out of detailed knowledge of what it is that you’re sharing.


For those of you who are technically minded, the encryption uses a 2048-bit RSA key. I myself have only the most impressionistic understanding of what this means in practice, except that it’s pretty hard to crack. For what it’s worth, I’ve found this oldish site on the relevance of RSA key lengths that may help somewhat to fill in the picture for you. Evidently, 2048 bits will be a decent length for at least another decade or so, by which time increased computing power will have significantly reduced its contribution to file security. The takeaway from the site:

  • a RSA key length of 1024 bits is sufficient for many medium-security purposes such as web site logins;
  • for high-security applications1 or for data that needs to remain confidential for more than a few years, you should use at least a 2048-bit key, and consider having a contingency plan for migrating to larger key sizes;
  • to keep data confidential for more than the next two decades, RSA recommends a key size larger than 2048 bits

It seems there’s a downside to using larger keys, in that the time it takes to encrypt and decrypt files rises exponentially with the size of the key.

I’ve opened a MEGA account and found the process perfectly easy. The service offers 50GB of storage for free and has paid plans for amounts larger than that.

Retweet information »


  1. For a less optimistic review of the service, see this Slashdot article.