VaultForm Security Breakdown
Get a clear look at how we protect your data, buzzword free. Step through the process using the same code that protects your information.
1. Generate Salts and Iterations
Before your account is created, we need to create the random variables that are used to derive a key from your password. The values we generate here are 'randomness' we add to your password so we know it's you without knowing your password. Since this will be tied to the access on your account, it's done in your browser. We're going to need two sets of password derived keys, so let's generate two sets of salts and iterations. These values are saved with your email when you sign up for an account.
Randomly generates 32 byte salts & integers between 100,000 and 200,000.
2. Derive Keys from Password
Now that we have our two sets of salts and iterations, we're going to use these to derive two sets of keys. The first key (Derived Key) has a very important job we'll talk about more in the next step. The second key (Derived Password) will be sent to the server when you sign up to authenticate you when you login later. Most other applications will send your password in plaintext and do these computations server side. But we need to make sure that our server can never see your password in plaintext, ever, for this next step.
Password, salt, and iterations are used by the PBKDF2 algorithm to derive keys.
3. Generate Public and Private Keys
Next we make use of our Derived Key by using it as the passphrase to generate an Armored Private key and a Public key. The Derived Key encrypts the Private Key, so we would need it when we want to decrypt it from its Armored state later. It's important that we never send this Derived Key to the server, so once it has done its job of encrypting our Private Key, we can discard it.
OpenPGP's ECC algorithm is used to generate the keys.
4. Create the Account
We've generated a lot of data. All data is saved with the user except the Password and the Derived Key. The user's Email, Armored Private Key, Public Key, both sets of Salts and Iterations, and the Derived Password, all get sent to the server. At this point the server can now verify that the user is who they say they are with the Derived Password. It can provide them with the salt and iteration to generate the Derived Key. And it can encrypt response data with their public key. The server takes care of storage at this step, so nothing for the client (you) to do!
5. Encrypt the Response
Once you've created your form and sent it out, your Public Key will be attached to it. This lets us encrypt responses to your form with your Public Key before we send it back to the server and save it. Once it's encrypted, it can't be decrypted without the unlocked Private Key. Let's pretend this is a short survey asking what your favorite snack is.
5. Decrypt the Response
Now we can access the response only if we can 1. generate the same Derived Key to unlock the Armored Public Key, and 2. Show the server the same Derived Password. When you login, the server will see your email and pass back the Salts and Iterations you need to generate these value again. By using the same password all values will match. This will attach the Derived Key to your browser's local storage so your form responses can be decrypted!