Encryption
Encryption in Stores
Each file is protected by a symmetric key, which is further secured using an asymmetric pair of public and private user keys. This dual-layer encryption ensures that the system remains both safe and efficient.
Encryption Scenario
Only an end user can create a Store, by providing a set of public keys for the users who should have access to the Store.
A symmetric key for the Store (Store Encryption Key) is then generated by the Store author/owner and securely stored on the server, encrypted using the public keys of the users assigned to the Store. This ensures that only the authorized users have access to the Store Encryption Key. Unencrypted keys never leave user Endpoints.
When accessing a Store, the encrypted Store Encryption Key is sent to each user based on their assignment to the Store. Only the users with the proper Private Keys can decrypt the Store Encryption Key. Using the decrypted key, messages are encrypted and signed with the users’ Private Keys before being sent to the Bridge.
This process is handled by PrivMX Endpoint and is completely seamless for the users.
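The scenario above, as an added Node.js example that is not PrivMX code: one Store key is wrapped once per assigned user, unwrapped on the user's side, and then used to encrypt and sign data. RSA-OAEP, AES-256-GCM and Ed25519 are assumed stand-ins for the algorithms PrivMX Endpoint actually uses, and all function names are hypothetical.

```javascript
// Added example, not PrivMX code. Algorithms and names are assumptions.
const crypto = require('node:crypto');

// Constructed user with an encryption key pair and a signing key pair.
// In the scenario above, private keys never leave the user's Endpoint.
function makeUser(name) {
  const enc = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const sig = crypto.generateKeyPairSync('ed25519');
  return { name, enc, sig };
}

// Owner side: generate the Store key and wrap it once per assigned user.
// Only the wrapped copies would be stored on the server.
function createStore(assignedUsers) {
  const storeKey = crypto.randomBytes(32);
  const wrapped = {};
  for (const u of assignedUsers) {
    wrapped[u.name] = crypto.publicEncrypt(
      { key: u.enc.publicKey, oaepHash: 'sha256' }, storeKey);
  }
  return { storeKey, wrapped };
}

// User side: recover the Store key from the copy wrapped for this user.
function unwrapStoreKey(wrappedKeys, user) {
  const blob = wrappedKeys[user.name];
  if (!blob) throw new Error(`${user.name} is not assigned to this Store`);
  return crypto.privateDecrypt(
    { key: user.enc.privateKey, oaepHash: 'sha256' }, blob);
}

// Encrypt with the Store key, then sign the result with the sender's key.
function seal(storeKey, sender, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', storeKey, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  const body = Buffer.concat([iv, c.getAuthTag(), ct]); // iv | tag | ciphertext
  return { body, signature: crypto.sign(null, body, sender.sig.privateKey) };
}

// Verify the sender's signature first, then decrypt with the Store key.
function open(storeKey, senderPublicKey, { body, signature }) {
  if (!crypto.verify(null, body, senderPublicKey, signature)) {
    throw new Error('signature does not match sender');
  }
  const d = crypto.createDecipheriv('aes-256-gcm', storeKey, body.subarray(0, 12));
  d.setAuthTag(body.subarray(12, 28));
  return Buffer.concat([d.update(body.subarray(28)), d.final()]);
}
```

A user who was not in the list passed to `createStore` has no wrapped copy, and a copy wrapped for someone else fails to decrypt under their private key.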