Encryption
By default the product uses a randomly generated cryptographic key to encrypt uploaded files and other secrets.
To generate a new cryptographic key, follow these steps:
1. Navigate to Settings → Security → Encryption.
2. Click the Generate Key button.
3. A window appears asking the client to confirm the action.
4. Selecting Cancel aborts the request and no new key is generated. Selecting Confirm leads to step 5.
5. The new cryptographic key is generated. The software provides a one-time chance to download the generated encryption key so that it can be stored in a secure place in case it is needed in the future.
6. The user agent prompts the client to store the newly generated key in a file. If the client dismisses this step by mistake, he/she must generate a new encryption key. The previous key will be removed automatically by the system.
The system uses the AES algorithm with CBC mode and PKCS7 padding to generate cryptographic keys. Newly created cryptographic keys are stored in the database as UTF-8-encoded hexadecimal characters.
Once a new encryption key is generated, all subsequent file uploads will use the newly created key for encryption. Files that were uploaded prior to the creation of the new key will remain encrypted with the old encryption keys.
It is not possible to manually retire previous encryption keys. The system will automatically remove obsolete keys when all files encrypted with those keys are deleted.
Example
- File1 and File2 are encrypted with key A.
- User generates key B => key A becomes obsolete.
- User uploads File3.
- File3 is encrypted with key B.
- System does a cleanup check and sees that key A is obsolete but it is still used to encrypt files File1 and File2 so the key is not removed.
- User generates key C => key B becomes obsolete like key A.
- User deletes files File1 and File3.
- System does a cleanup check and erases key B (obsolete + no encrypted files). Key A still has one file (File2) encrypted with it, so it is left alone. Key C has no files encrypted with it, but it is the active key, so it is left alone.
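The rotation and cleanup rules above can be modelled in a few lines to check which keys (and therefore which key backups) are still needed at any point. This is an added example, not the product's code; the `KeyStore` class, its method names and the 256-bit key size are assumptions made for illustration.

```python
import secrets


class KeyStore:
    """Toy model of the key rotation and cleanup rules (illustrative only)."""

    def __init__(self):
        self.keys = {}      # key label -> hex-encoded key material
        self.files = {}     # file name -> label of the key that encrypted it
        self.active = None  # label of the key used for new uploads

    def generate_key(self, label):
        # Assumption: 256-bit key from the OS CSPRNG; the page gives no key size.
        self.keys[label] = secrets.token_hex(32)
        self.active = label      # every older key is now obsolete
        return self.keys[label]  # the single chance for the caller to back it up

    def upload(self, name):
        self.files[name] = self.active  # new uploads always use the active key

    def delete(self, name):
        del self.files[name]

    def cleanup(self):
        """Erase obsolete keys that protect no file; return the erased labels."""
        in_use = set(self.files.values())
        removed = sorted(k for k in self.keys if k != self.active and k not in in_use)
        for label in removed:
            del self.keys[label]
        return removed


def run_page_scenario():
    """Replay the example from the page and record what each cleanup erased."""
    store, log = KeyStore(), []
    store.generate_key("A")
    store.upload("File1")
    store.upload("File2")
    store.generate_key("B")
    store.upload("File3")
    log.append(store.cleanup())  # A is obsolete but still protects File1, File2
    store.generate_key("C")
    store.delete("File1")
    store.delete("File3")
    log.append(store.cleanup())  # B is obsolete and protects nothing
    return store, log


if __name__ == "__main__":
    store, log = run_page_scenario()
    print("erased per cleanup:", log)
    print("remaining keys:", sorted(store.keys), "active:", store.active)
```

In this model the downloaded copy of key A remains relevant for as long as File2 exists, even though two newer keys have been generated since.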