Table of Content

Advanced Encryption for Documents

All documents in the account of a user are always stored encrypted (also named as "symetric" or "simple" encryption).

Documents are encrypted using AES-256. The encryption key is securely stored in the foxdox system and available for the foxdox system. As a result, these symmetrically encrypted documents can be processed in terms of content for the foxdox system, so that depending on the type of document Preview images for the foxdox user can be generated. After successful login, these documents can be retrieved without additional entries (e.g. a second password).

If the provider service has asymmetric encryption (also called "Double encryption"), the document is also initially encrypted using AES-256. The key used from this symmetrical encryption is additionally asymmetrically encrypted via the RSA-2048 procedure with the public key of the foxdox user. These asymmetrically encrypted documents are thus no longer processable for the foxdox system, so that neither preview images nor information for the search index can be created. After successful login, these documents can only be retrieved by additionally entering the second password, i.e. the password issued by the foxdox user for the encryption key.

The user has the possibility to decrypt these asymmetrically encrypted documents and to use them decrypted (e.g. to store them on his local PC outside of foxdox) or to store them simply encrypted in his foxdox account.  This is supposed to simplify the storage and use for the user, if he or her wishes it independently to store these documents also only symmetrically encrypted.