You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When reading the security paper the algorithm of how to generate the key from the password is explained, but I found no information about where the key for de/encrypting for the files on the server is stored.
Is there any documentation about it? Of course the derived encryption key is useless without having a valid access token to download + decrypt relevant information.
The text was updated successfully, but these errors were encountered:
Hello.
Q1 Answer:
Nodes (files/folders) keys are stored in the node's metadata (we call them node's attributes). The node's key is passed to the server along with other attributes after it gets encrypted with the user's Master-key.
Therefore, the servers will have an encrypted form of the node's key which cant be used to decrypt the node's content (data).
Only the user can decrypt nodes data after fetching their keys and using their own Master-key to decrypt the node's key, then use the decrypted node key to decrypt the data.
Q2 Answer:
This key storing is made for the purpose of keeping the session active for the user without the need for re-login.
So, the key gets stored if the user ticked "remember me" or till they log out.
When reading the security paper the algorithm of how to generate the key from the password is explained, but I found no information about where the key for de/encrypting for the files on the server is stored.
Is there any documentation about it? Of course the derived encryption key is useless without having a valid access token to download + decrypt relevant information.
The text was updated successfully, but these errors were encountered: