Encryption

Your data is end-to-end encrypted with ente. Meaning, they are encrypted with your keys before they leave your device.

These keys are available only to you. Meaning only you can access your data else where.

What follows is an explanation of how we do what we do.

Key Encryption

Fundamentals

Master Key

When you sign up for ente, your app generates a masterKey for you. This never leaves your device unencrypted.

Key Encryption Key

Once you choose a password, a keyEncryptionKey is derived from it. This never leaves your device.

Flows

Primary Device

During registration, your masterKey is encrypted with your keyEncryptionKey , and the resultant encryptedMasterKey is then sent to our servers for storage.

Secondary Device

When you sign in on a secondary device, after you successfully verify your email, our servers give you back your encryptedMasterKey that was sent to us by your primary device.

You are then prompted to enter your password. Once entered, a keyEncryptionKey is derived, and the client decrypts the encryptedMasterKey with this, to yield the original masterKey.

If the decryption fails, the client will know that the derived keyEncryptionKey was wrong, indicating an incorrect password, and will surface this information to you.

Privacy

Since only you know your password, only you can derive your keyEncryptionKey.

Since only you can derive your keyEncryptionKey, only you have access to your masterKey.