I'm building a webapp storing the data in the cloud and some of our users are concerned about their privacy. They don't want their data stored in plaintext in the cloud and we're planning on offering an option to encrypt it before its sent to the server.
The main issue I have is how to manage the keys.
My plan is to not do anything weird or invent my own crypto or key management.
What I'm worried about primarily is when the user uses a new computer or it's destroyed.
How do they get new keys?
What do other services do here and are there any standards / best practices I can follow?