3-fold encryption

In addition to TLS and server-side encryption, each library can optionally be encrypted by the user. This way the user retains key sovereignty over their data: not even the system administrators can view an encrypted library.

End-to-end encryption means that the data is fully encrypted throughout the entire transmission. Only the communication partners (the "end points") can decrypt the message. For this purpose, a 32-byte cryptographically strong random number is generated, which is used as the key for decryption. This so-called file key is additionally encrypted with a password.

luckycloud first uses the PBKDF2 algorithm (1000 repetitions of SHA256) to derive a key/IV pair from the password. All the data in the file is encrypted by the file key with AES 256/CBC.

The result is the encrypted file key. Then the data is uploaded to the server and saved. In order to access the data, the appropriate file key must be decrypted with the correct password.
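
The key-wrapping flow described above, as a Python sketch; this is an added example, not luckycloud's own code. It assumes the `cryptography` package, a 16-byte random salt, one 48-byte PBKDF2 output split into key and IV, PKCS#7 padding, and that the file key is wrapped with the same AES 256/CBC; the page specifies none of these details.

```python
import hashlib
import secrets
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

ITERATIONS = 1000  # PBKDF2 round count stated on the page
SALT_LEN = 16      # assumption: the page does not describe a salt

def new_file_key() -> bytes:
    """32-byte cryptographically strong random file key."""
    return secrets.token_bytes(32)

def derive_key_iv(password: str, salt: bytes):
    """PBKDF2-HMAC-SHA256 -> 48 bytes, split into AES-256 key and CBC IV.
    Taking both from one PBKDF2 output is an assumption of this sketch."""
    material = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS, dklen=48)
    return material[:32], material[32:]

def wrap_file_key(file_key: bytes, password: str, salt: bytes) -> bytes:
    """Encrypt the file key under the password-derived key/IV."""
    key, iv = derive_key_iv(password, salt)
    padder = padding.PKCS7(128).padder()
    padded = padder.update(file_key) + padder.finalize()
    enc = Cipher(algorithms.AES(key), modes.CBC(iv)).encryptor()
    return enc.update(padded) + enc.finalize()

def unwrap_file_key(wrapped: bytes, password: str, salt: bytes):
    """Return the decrypted bytes, or None if the padding is invalid.
    CBC carries no integrity check: a wrong password usually fails the
    padding check, but can occasionally unpad cleanly and yield garbage,
    so callers need a separate way to verify the recovered key."""
    key, iv = derive_key_iv(password, salt)
    dec = Cipher(algorithms.AES(key), modes.CBC(iv)).decryptor()
    padded = dec.update(wrapped) + dec.finalize()
    unpadder = padding.PKCS7(128).unpadder()
    try:
        return unpadder.update(padded) + unpadder.finalize()
    except ValueError:
        return None

if __name__ == "__main__":
    salt = secrets.token_bytes(SALT_LEN)  # constructed sample values
    file_key = new_file_key()
    wrapped = wrap_file_key(file_key, "correct horse battery", salt)
    print(unwrap_file_key(wrapped, "correct horse battery", salt) == file_key)
    print(unwrap_file_key(wrapped, "wrong password", salt) == file_key)
```

Only the wrapped key and the salt would need to be stored server-side; the password itself never appears in what is saved.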

To ensure maximum security, the clear text password is never stored on the server, but is entirely the responsibility of the user.

