4th-A Technologies, LLC
            Knowledge Base 4th-A Technologies, LLC Privacy

            Is my data encrypted in the cloud ?

            Yes. Before uploading any content to the cloud, your data is first encrypted client-side (on your own device) using a key that only you know (and which our servers will never know). Which means the server is never capable of decrypting or reading the data you store in the cloud.

            Only your devices (and anybody you explicitly share with) will be able to decrypt your files.

            Technical Details:

            Storm4 generates a random encryption key for every document that you store in the cloud. This means that, even if an attacker was somehow able to determine the encryption key for one of your files, that wouldn't help them decrypt anything else.

            Syncing your files between your devices (and sharing files with other users) works by encrypting the (randomly generated) file encryption key to the public key of users you intend to share the file with.

            For example, if you're not sharing a file (only syncing it across your own devices), then Storm4 will:

            - generate a random file-encryption-key
            - encrypt the file using the file-encryption-key
            - then encrypt the file-encryption-key using your own public key
            - upload the encrypted file along with the encrypted key

            By encrypting the file-encryption-key with a public key, we ensure that only those with the corresponding private key will be able to decrypt it. And only your devices have this private key. Thus only your devices will be able to decrypt file-encryption-key. And with it, they will be able to decrypt the file itself.

            Sharing a file with another user (e.g. a friend or colleague), works in a similar fashion. Storm4 will:

            - generate a random file-encryption-key
            - encrypt the file using the file-encryption-key
            - encrypt the file-encryption-key to both your own public key, and also to the public key of the user you're sharing the file with
            - upload the encrypted file along with the encrypted key
            - notify the other user about the file you shared with them

            The only users capable of decrypting the file will be those with the private keys needed to decrypt the file-encryption-key. So only your own devices, and the user you shared the file with.
            Updated: 04 Feb 2018 10:54 PM
            Helpful?  
            Help us to make this article better
            0 0