Using client-side encryption for users who own several devices requires a strong system to safely distribute and control encryption keys among devices. The important actions and techniques are:
1. Master Key and Key Derivation
- Master Key Storage: The user generates a master key (MK) derived from a strong password (e.g., using PBKDF2, Argon2). The master key encrypts the data encryption keys (DEKs), not the data directly.
- Key Derivation: Each device derives the same master key locally using the user’s password and consistent parameters (e.g., salt, iteration count).
2. Secure Key Backup and Synchronization
- Key Backup: Encrypt the DEKs with the master key and store them securely in the cloud.
- Key Sync: When a new device joins, the user logs in and derives the master key to decrypt and access the DEKs from the backup.
3. End-to-End Encryption
- Data is encrypted locally on the device using the DEKs before syncing to the cloud.
- DEKs are never uploaded in plaintext, ensuring the cloud provider cannot access user data.
4. Device Registration
- Each new device is "registered" by authenticating the user and downloading the encrypted DEKs.
- Use a device-specific encryption key for additional protection during transmission.
5. Rotating Keys for Security
- Regularly rotate DEKs to limit the impact of potential compromises.
- Re-encrypt data with new DEKs while securely updating them across devices.
