What is the attack scenario against which encrypted files provide protection?

File-level encryption can be useful in several cases, here's a few examples:

  • Sending data over insecure channels. You mentioned TLS, and that's enough when you have it. But what if you aren't sure every node actually uses TLS? And do you really trust every node? Think about emails, for example.
  • Storing data in untrusted places. You might trust your encrypted external HDD, but what about Google Drive? What about your hosting provider? If you want to be sure that nobody else is able to access your files (Google, employees at your hosting provider, cyber criminals who manage to breach those services, etc.), you will need to encrypt your files.
  • Defense in depth. Full-disk encryption will protect your data when your machine is turned off, but what if an attacker grabs your laptop while it's on? What if your machine gets infected and before you notice all your sensitive files are sent to the attacker? With file-level encryption, the attacker won't have access to the content of your sensitive files right away, so such attacks might fail.

Full disk encryption provides no protection whatsoever against an attacker with remote access while your machine is powered on (as by definition FDE requires data to be decrypted on every access). So in order to use the machine at all, you must unlock all data.

By contrast, encrypted files are decrypted only on an explicit user request providing the password. That means even when the machine is compromised, those files are secure until the user provides a valid password, which gives extra time to detect the attacker and protect yourself. This also provides much higher granularity (as the password can be different on every one of them, or depending on the sensitivity of the data, or the group of users it is shared with), providing extra security via the principle of least privilege.

For example, my cooking recipes which I use every day could be protected by one password, my checking bank accounts which I pay once per month by another one, and my will which I change once every 10 years by yet a third password. So the attacker would have to remain undetected for 10 years if he hopes to see my will. With FDE, he would have access to it immediately, along with everything else.

Also, separately encrypted files are compatible with a shared file server which is accessed by users with different privileges (and thus knowing only a subset of the shared passwords the documents are encrypted with).

TLS itself has a lot of problems, like MiTM attacks or CA compromises (do you really trust all those CAs in your web browser? I certainly don't for anything serious - you could delete all of them and use only your own CA, which would be secure, but no one does it as it would preclude you from accessing your bank etc).

Encrypted files, on the other hand, depend only on the secrecy of the password shared by you and the others that need to access that information - and you have complete control over that.

Encrypted files are also end-to-end protected when you transmit them, so they don't care if the path between you and the recipient is compromised. You attach the encrypted file to your email, and you know nobody can read it unless they know the password. If you instead rely on ISPs to properly implement TLS in SMTP, you are about to be in a world of pain (SMTP STARTTLS stripping MiTM, default SMTP fallback to plaintext, files being stored in plaintext at the recipient's IMAP server and depending on the ISP's security and the goodwill of its disgruntled employees, etc.)

Also, think of defense in depth. You can (and should, if you care enough) use encrypted files and TLS and FDE to achieve the best security.
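The per-file, per-password compartmentalisation this answer describes (recipes, bank statements and will under three different passwords), as an added example that is not part of the original thread. The vault contents, file names and passwords are constructed for illustration, and the cipher construction is a stdlib-only stand-in rather than a recommended design.

```python
import hashlib, hmac, os

# Stdlib-only stand-in for a real AEAD (e.g. AES-GCM): HMAC-SHA256 keystream in
# counter mode plus encrypt-then-MAC. It exists only to make the per-file key
# separation visible; use a vetted library for real files.

def _derive_keys(password, salt):
    # scrypt stretches the password into a 64-byte secret: 32 B enc + 32 B MAC.
    k = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=64, maxmem=2**26)
    return k[:32], k[32:]

def _keystream(key, nonce, length):
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def encrypt_file_blob(password, plaintext):
    # Fresh salt and nonce per file, so two files never share a key or keystream.
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _derive_keys(password, salt)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag

def decrypt_file_blob(password, blob):
    salt, nonce, ct, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    enc_key, mac_key = _derive_keys(password, salt)
    expected = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("wrong password or tampered file")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

def compartment_demo(captured_password="daily-pw"):
    # Constructed sample vault mirroring the answer: three files, three passwords.
    vault = {
        "recipes.txt": encrypt_file_blob("daily-pw", b"pancakes: flour, milk, eggs"),
        "bank.txt": encrypt_file_blob("monthly-pw", b"checking account statement"),
        "will.txt": encrypt_file_blob("decade-pw", b"last will and testament"),
    }
    # What the holder of one captured password can read: plaintext or None per file.
    readable = {}
    for name, blob in vault.items():
        try:
            readable[name] = decrypt_file_blob(captured_password, blob)
        except ValueError:
            readable[name] = None
    return readable
```

With only the everyday password captured, `compartment_demo("daily-pw")` yields the recipes and `None` for the other two files; a compromised machine with FDE alone would expose all three at once.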


The only point I can see is a low-skill attacker who has access to the machine with the encrypted file. Essentially, if a friend / family member has access and does not accidentally see something. Am I missing a scenario?

Your assumption that the only way an attacker can have access to your computer is by being physically present is completely wrong. While I won't talk about the skills of said attacker, he still has many ways to run malicious code on your computer; once he can do that, he can also exfiltrate data to his C2.

I wonder what scenario they actually help with or if it just is a bad solution.

Encrypting data helps in the scenario of data storage and is a defence in depth concept. Look at just last year how many companies have been breached and had their data stolen; think of all the passwords/credit card numbers that were stored in plaintext. In my opinion, file encryption of sensitive data is a must and should be in everyone's threat model.