What are encryption and decryption?
Encryption is the process of transforming readable data (plaintext) into an unreadable format (ciphertext) using an encryption key. Without the corresponding decryption key, the ciphertext appears random and cannot be effectively recovered. Encryption can be:
- Symmetric: The same key is used for both encryption and decryption.
- Asymmetric: Encryption and decryption use a mathematically linked public-private key pair.
Decryption is the reverse process: using the decryption key to transform ciphertext back into plaintext.
Tresorit uses AES-256 for symmetric encryption and RSA-4096 for asymmetric encryption.
What is a symmetric key?
In symmetric-key cryptography, the same (or trivially related) secret key is used for both encryption and decryption. Symmetric encryption is computationally faster than public-key encryption, but it requires securely sharing the secret key between parties.
Tresorit uses symmetric keys with the AES-256 algorithm to encrypt data uploaded to the cloud.
What is AES-256?
AES-256 (Advanced Encryption Standard with a 256-bit key) is a symmetric block cipher standardized by the U.S. National Institute of Standards and Technology (NIST) in 2001. It is based on a substitution-permutation network, where each cycle (or round) of encryption includes:
- Combining plaintext with a round key (derived from the encryption key)
- Substituting bytes with other bytes
- Permuting (rearranging) the byte order
AES-256 repeats this cycle 14 times to produce the ciphertext. Decryption reverses these steps using the same keys in reverse order. The U.S. government approves AES-256 for protecting Top Secret information, and as of today, all known attacks are computationally infeasible.
What are public and private keys?
In public-key cryptography, every user has a key pair:
- Public key: Shared openly, used by others to encrypt data or verify signatures.
- Private key: Kept secret, used to decrypt data or create signatures.
It is mathematically infeasible to derive the private key from the public key. Beyond encryption, key pairs are used for digital signatures and authentication.
In Tresorit, every public-private key pair comes with a certificate.
What is RSA?
RSA is a widely used public-key algorithm for both encryption and digital signatures, named after its inventors: Rivest, Shamir, and Adleman. Its security relies on the difficulty of factoring large integers.
- Encryption: The sender uses the recipient's public key (modulus n and exponent e) to transform plaintext into ciphertext.
- Decryption: The recipient uses their private key (exponent d) to recover the plaintext.
- Digital signatures: The signer uses their private key to sign a hash of the message. Anyone with the public key can verify the signature.
Tresorit uses RSA with 4096-bit keys for maximum security.
What is a digital signature?
A digital signature provides authenticity and integrity:
- It is created by applying a private key to the hash of a message.
- Recipients verify it by using the sender's public key.
- A valid signature proves that the message was created by the claimed sender and that it has not been altered.
Tresorit uses RSA-based digital signatures extensively to protect both identity and data integrity.
What is hashing?
Hashing is a one-way mathematical operation that produces a fixed-length output (a hash) from input data of any length. Key properties of cryptographic hashes:
- Irreversible: The original input cannot be reconstructed from the hash.
- Collision-resistant: Different inputs are extremely unlikely to produce the same hash.
- Sensitive: Even the smallest input change creates a completely different hash.
Hashes are widely used for integrity checks and in digital signatures. Tresorit uses SHA-256, SHA-384, and SHA-512.
What are SHA-256, SHA-384, and SHA-512?
These algorithms belong to the SHA-2 family of cryptographic hash functions standardized by NIST in 2002.
- SHA-256 produces a 256-bit hash using 64 compression rounds.
- SHA-384 and SHA-512 produce 384-bit and 512-bit hashes using 80 rounds.
They rely on combinations of bitwise operations (rotation, addition, XOR, shifting) to compress arbitrary input into a fixed-size hash. As of today, full SHA-2 remains secure against practical attacks.
What is a user certificate?
A user certificate is an electronic document that binds a public key to a person's identity, secured with the digital signature of a certificate issuer.
When you sign up for Tresorit, our server issues a certificate for you – even if you already have one from another authority. This is because Tresorit does not fully trust external certificate authorities for maximum security.
Tresorit certificates follow the X.509 format, but they are only valid within Tresorit. If you delete your account, your certificate is revoked.
What is the X.509 certificate format?
X.509 is an ITU-T standard that defines the format for public key certificates, certificate revocation lists, and related data. It is the most widely used standard for digital certificates. For the full specification, see the X.509 recommendation.
Who is a certificate issuer?
A certificate issuer – also called a Certificate Authority (CA) – is an entity that verifies ownership of a public key by issuing a digitally signed certificate. Certificates are trusted as long as their issuer is trusted (directly or through a trusted chain).
In Tresorit, certificates are issued by its own CAs and trusted only within its ecosystem.
What is certificate revocation?
Certificates can expire or be revoked if their private key is compromised. Revoked certificates are added to a Certificate Revocation List (CRL), which is itself digitally signed by the issuing CA. Certificates on the CRL should no longer be trusted.