All accounts created after version 1.14.0 with sync enabled use End-to-End encrypted sync. If you created your vault before this version, you can turn on End-to-End encryption in the account settings.
End-to-End encryption(e2ee) is designed to follow these principles:
No sensitive data can leave your device unencrypted.
Not we, nor anyone else can have any access to the password used for encryption.
acreom can’t access any of your data, even locally, before inputting the encryption password.
Since your password is not saved anywhere, there is no way to access encryption keys. acreom as a 3rd party does not store your password or even secrets derived from your password. This fulfils the concept of zero-knowledge encryption.
When you first enable end-to-end encryption, you set your encryption password. The password is hashed using argon2id, and then hkdf is derived from the hash. Next, your private keypair is generated. This keypair is then encrypted using
hkdf derived from your password. Encrypted keypair is stored on the user object. This is a necessary step to enable decryption of your data.
The only way to decrypt your encryption keypair is to input the correct password and use it to decrypt your private keypair. There is no communication between the acreom app, and our servers when we decrypt your private keypair, since the object is encrypted on the user object and is only retrieved after successful login. acreom creates hash, derives hkdf, and then tries to decrypt the private keypair object.
Each page, image, and folder is encrypted using aes256-gcm and a unique encryption key. Each encryption key is stored encrypted using the user's private keypair. We encrypt all properties containing sensitive data such as name of entity, content, icons etc. We do not encrypt metadata such as created and updated timestamp as these are used when fetching updates.
When sharing a page, its content alongside the assets gets decrypted and stored as plain text.
Currently, Github, Jira, and ICS Integrations are e2e encrypted. We intend to streamline all integrations to follow the process we created when working on github integration, where the only thing that gets stored or passes through our servers is the encrypted config.