I've been coding for over 20 years now! (WOAH, do I feel old)
I've touched just about every resource imaginable under the Sun (too bad they were bought out by Oracle)
One thing I'm curious about with all of this. If it is end-to-end encrypted, how are the encryption keys stored and transmitted, say, if moving to a new device?
Everything is encrypted using a passphrase, which the user set during sign-up. If the user logs in from another device, he/she has to enter the same passphrase again. Obviously, this passphrase cannot be changed.
We are working on a doc where we will detail out the encryption logic. I will update this blog post once its ready.
I've been coding for over 20 years now! (WOAH, do I feel old)
I've touched just about every resource imaginable under the Sun (too bad they were bought out by Oracle)
There was a slight confusion. The password can indeed be changed. Just that we have not shipped the feature yet.
Circling back to your original question about how the keys are transmitted, we generate a masterKey when you sign up. This masterKey is encrypted with a keyEncryptionKey, derived from your password. This encryptedMasterKey is then stored on the server. When you sign in on a new device, this encryptedMasterKey is retrieved from the server. As the last step, once you re-enter your password the new device will derive the keyEncryptionKey, and compute the original masterKey.
Please let me know if you have any follow up questions!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
One thing I'm curious about with all of this. If it is end-to-end encrypted, how are the encryption keys stored and transmitted, say, if moving to a new device?
Everything is encrypted using a passphrase, which the user set during sign-up. If the user logs in from another device, he/she has to enter the same passphrase again. Obviously, this passphrase cannot be changed.
We are working on a doc where we will detail out the encryption logic. I will update this blog post once its ready.
Now I'm curious to know why the password can never be changed? There are other persistent encryption systems that allow this.
Hey Vincent, founder of ente.io here.
There was a slight confusion. The password can indeed be changed. Just that we have not shipped the feature yet.
Circling back to your original question about how the keys are transmitted, we generate a
masterKeywhen you sign up. ThismasterKeyis encrypted with akeyEncryptionKey, derived from yourpassword. ThisencryptedMasterKeyis then stored on the server. When you sign in on a new device, thisencryptedMasterKeyis retrieved from the server. As the last step, once you re-enter yourpasswordthe new device will derive thekeyEncryptionKey, and compute the originalmasterKey.Please let me know if you have any follow up questions!