Data Encryption Key (DEK)Copied!

A symmetric key used to encrypt and decrypt actual data, such as file blobs, file names, vault names, vault descriptions, etc.

Vault Key PairCopied!

A pair of keys: Vault Private Key & Vault Public Key.

Used to encrypt/decrypt Data Encryption Keys (DEKs).

All DEKs within the vault are encrypted using the current Vault Public Key and each valid vault member has access to Vault Private Keys.

User Key PairCopied!

A pair of keys: User Private Key & User Public Key.

Used to encrypt/decrypt user personal data & Vault Private Keys.

When the user creates or is invited to join a vault, Vault Private Keys are encrypted using a given User Public Key, later the user can decrypt Vault Private Keys with their personal User Private Key and access vaults contents.

Password KeyCopied!

A strong symmetric key derived from the user’s password, used to encrypt User Private Key before storage.