- Each user gets a symmetric key, a private key, and a public key
- Symmetric key = encrypts the data that only the user needs to see
- Private key = decrypts the data shared to the user
- Public key = encrypts the data shared to the user
- Symmetric key is encrypted with a key derived from the user's password using PBKDF2
- Private key is encrypted by user's symmetric key
- Generate recovery codes for user and encrypt copies of symmetric key using these recovery codes
- Encrypt user symmetric key using organization's public key for key backup mechanism
- Store organization's private key in a password manager or something
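
The key hierarchy listed above, written out with Node.js's built-in `crypto` module as an added example that is not part of the original notes. The function names, the record layout, AES-256-GCM for wrapping, RSA-2048 with OAEP, and the PBKDF2 iteration count are all assumptions; the notes specify none of them.

```javascript
// Added example: names, parameters and record layout are assumptions.
const crypto = require("crypto");
const PBKDF2_ITERATIONS = 600000; // assumed work factor; the notes give none
const kdf = (secret, salt) =>
  crypto.pbkdf2Sync(secret, salt, PBKDF2_ITERATIONS, 32, "sha256");
// AES-256-GCM wrap/unwrap; GCM is an assumed choice of authenticated cipher.
function wrap(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function unwrap(key, { iv, ct, tag }) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // final() throws on a wrong key
}
// Wrap `secret` under a key derived from a password or recovery code.
function wrapUnder(passphrase, secret) {
  const salt = crypto.randomBytes(16);
  return { salt, ...wrap(kdf(passphrase, salt), secret) };
}
const unwrapUnder = (passphrase, blob) => unwrap(kdf(passphrase, blob.salt), blob);

function provisionUser(password, orgPublicKey, recoveryCount = 3) {
  const symKey = crypto.randomBytes(32);
  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const recoveryCodes = Array.from({ length: recoveryCount }, () =>
    crypto.randomBytes(16).toString("hex"));
  const record = { // everything in `record` is safe to store server-side
    publicKey: publicKey.export({ type: "spki", format: "pem" }),
    privateKeyWrapped: wrap(symKey, privateKey.export({ type: "pkcs8", format: "der" })),
    symKeyByPassword: wrapUnder(password, symKey),
    symKeyByRecovery: recoveryCodes.map((code) => wrapUnder(code, symKey)),
    symKeyForOrg: crypto.publicEncrypt(orgPublicKey, symKey), // RSA-OAEP (Node default)
  };
  return { record, recoveryCodes }; // codes are shown to the user once, never stored
}

const unlockWithPassword = (record, password) => unwrapUnder(password, record.symKeyByPassword);
function unlockWithRecovery(record, code) {
  for (const blob of record.symKeyByRecovery) {
    try { return unwrapUnder(code, blob); } catch { /* not this code's copy */ }
  }
  throw new Error("recovery code rejected");
}
const orgRecover = (record, orgPrivateKey) => crypto.privateDecrypt(orgPrivateKey, record.symKeyForOrg);
const loadPrivateKey = (record, symKey) => crypto.createPrivateKey(
  { key: unwrap(symKey, record.privateKeyWrapped), format: "der", type: "pkcs8" });
```

A password change only needs `symKeyByPassword` re-wrapped; the private key, recovery copies and organization backup stay valid because they depend on the symmetric key, not on the password.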
Created
July 18, 2017 15:13