We are excited to share that we are set to begin a new chapter with Dropbox, Inc. Dropbox is acquiring our IP technology to embed natively into the Dropbox product, bringing end-to-end, zero-knowledge encryption to millions of business customers around the world. Check out our blog to find out more!

Hero Default Background

Technical Overview

Technical Overview

If you want to learn more about how Boxcryptor works, you are in the right place here. Read on for deeper information about certain technical aspects of Boxcryptor.

Encryption Keys Used in Boxcryptor and Their Functions

Every user, group and company uses an RSA key pair (private and public) as well additional AES keys for specific purposes. Company keys are optional and are only set when the Master Key policy is used.

Boxcryptor uses additional AES keys. Generally, keys are never re-used for multiple purposes. Currently, the following additional AES keys are used in Boxcryptor. If required by new features, this list might grow in the future.

Boxcryptor Server – What User Data we Store

All data that we store on our servers is secured and protected. In order to provide a seamless user experience over a number of different devices and with core features such as file access sharing, Boxcryptor needs to store some data on the Boxcryptor server.

Data Privacy – How we Protect the Data on our Servers

Due to Boxcryptor's zero-knowledge nature, all sensitive information that reaches the Boxcryptor server is already encrypted (for example private RSA keys) or otherwise non-retrievable (for example the password hash). In order to further increase security, all sensitive data and personal information is encrypted additionally, before persisted to the database. The server location is in Germany and the data center is ISO/IEC 27001:2013 certified.

The database encryption key is only available to the application during runtime. In case of a database breach, an attacker would only be able to get access to encrypted data.

Of the data that we store, your email address, your private RSA key and your password are the most sensitive values. This is how we protect them.

Data Privacy+ with Zero Knowledge – Full Control Over Your Data

Boxcryptor is a zero knowledge provider. Any private and sensitive information will always be in encrypted form, protected by the user’s password – which we do not know and have no way of finding out. Only public keys are in plain text.

Passwords, password keys and file keys never leave the users’ devices and are never transferred anywhere or to anyone. User keys, group keys, and company keys are stored on the Boxcryptor server, but in encrypted form. All encryption operations take place on your device – never on our servers.

The starting point for every decryption process is the user’s password key as this one is required to unlock the private key and the wrapping key, which again are required to unlock all other keys in the system (AES keys, file keys, membership keys, group keys, etc.). The password key, however, never leaves the user's device. Even though the Boxcryptor server stores keys for all users, Boxcryptor is a zero knowledge provider, because the sensitive keys are already received in encrypted form.

The only types of keys stored in plaintext on the Boxcryptor server are public keys, which do not contain any sensitive information and, as these are public, do not need to be kept confidential.

Password Security – How we Protect Your Password

A user’s password never leaves his or her device and Boxcryptor never submits the password anywhere. The password is used for two purposes: User authentication and decryption of the user’s private key. In both cases, Boxcryptor does not use the password itself, but derivatives called the password key and password hash.

In conclusion, your password is hashed and sent to us in this hashed form, when you want to authenticate yourself during sign in to Boxcryptor. Before the hash value is stored to our database, we hash it again, so that potential attackers have an even harder time to figure out your password.

How we Manage Users, Groups and Organizations

A user is someone who creates a Boxcryptor account and is identifiable by his/her email address and his/her user keys. The user keys are generated on the user’s device during the account set-up and creation. Before the keys are submitted to the Boxcryptor server, the sensitive information is encrypted so that only the user has access to it.

The private RSA key is encrypted with the user’s password key so that knowledge of the password is required to decrypt the private RSA key. The wrapping key is encrypted with the user’s password key so that only someone who knows the password can decrypt the wrapping key. All other AES keys are encrypted with the wrapping key so that access to the wrapping key is required to decrypt any other AES key.

How the User is Authenticated

When a user creates a Boxcryptor account, Boxcryptor derives the password hash from the user’s password. This password hash is used for all subsequent authentication operations. Only a hash of the password hash is stored on the Boxcryptor server - the password hash itself is never stored. See below, how it works in detail.

Note: This process is only required to authenticate the user against the Boxcryptor server - not to get access to the encrypted files. Access to the encrypted files always relies on the correct decryption of the user’s private key which requires the knowledge of the correct password. Even if an attacker would be able to fake authentication – for example by hacking the Boxcryptor server – he would not be able to decrypt a single file without knowing the correct password, which is only known by the user himself.

How Boxcryptor Encrypts and Decrypts Files

Boxcryptor implements a combined encryption process based on asymmetric RSA and symmetric AES encryption. Every file has its own unique random file key which is generated when the file is being created. The file key is used to encrypt and decrypt the contents of the file as can be seen below in more detail.

How File Access Sharing Works

Which processes does Boxcryptor perform, when you allow a colleague to access a file or folder? What happenes, when you share access with a group where your colleague is a member? Imagine your name is Alice and your colleague is called Bob.

Resetting Passwords in Boxcryptor Company – How the Master Key Works

Due to Boxcryptor’s zero-knowledge nature, if you forget or lose your password, you lose access to your files. Without the password, it is not possible to decrypt a user’s private key and thus it is not possible to decrypt any files. However, if a company has enabled the Master Key feature, the company can make use of the password reset feature. The Master Key feature gives the administrator of a company the power to decrypt private keys of all users which belong to the specific company. This also gives the company the possibility to set a new user password by simply re-encrypting the user’s private key with a new password.

Boxcryptor offers a special company account with additional features especially designed for businesses and organizations, for example password reset, policy management, and a Master Key. The Master Key feature gives companies the power to decrypt every file which is accessible by the users of the specific company - without having to know their passwords. With the Master Key, companies can ensure that the company does not lose access to its property (files) even in difficult situations, such as when a user forgets his or her password or leaves the company. In the following examples, the Master Key feature is activated and Alice is part of the company.

Why and When Boxcryptor Requires an Internet Connection

Boxcryptor requires an internet connection to send and receive data to and from the Boxcryptor server. Specifically, the following use cases require an internet connection.

Local Account

Users that are required to keep physical control over their user information and keys can choose to use Boxcryptor with a local account instead of a Boxcryptor account stored at the Boxcryptor Key Server. When using a local account, all user information and key data is stored in a key file on the local device instead of being transmitted to the Boxcryptor Key Server. Local accounts can be converted to Boxcryptor accounts (and vice versa) at any time.

Sharing access to files and folders is not available when using a local account because it requires Boxcryptor accounts and access to the Key Server. Additionally, it is the user’s responsibility to take care of the key file - copying it to other devices, creating backups, etc. If the key file is lost, access to all encrypted files will be lost! (Tip: As the sensitive information in the key file (e.g. private keys) is encrypted, users can store the key file in their cloud storage.)

Which Cryptographic Libraries are Used in Boxcryptor

In order to perform the actual low level encryption and random number generation, Boxcryptor relies on established and proven third-party libraries. Depending on the platform and purpose, Boxcryptor uses either popular open source libraries, or libraries which are part of the underlying operating system. The following libraries are used.