At SimpleumSafe, everything revolves around security, so we have developed the “Extrem Secure Synchronization”. Even if the synchronization data was stolen from the cloud and the password became public, it is not possible to decrypt the data.
How do we achieve this?
Each Safe is encrypted and consists of three main types of data.
1. the meta data (this is an encrypted database that contains information such as file name, file size, …).
2. the encrypted data files (they contain the data of the individual files in encrypted form).
3. the key file (it contains the encryption keys). Everything is encrypted with AES-256.
The data files are transmitted in their encrypted form. The sync protocol (which knows what data has been changed) is also transmitted encrypted. Thus, we have an end-to-end encryption. Everything can only be decrypted, if one knows the Safe password and has the key file.
To increase security even further, we do not directly transfer the key file.
For example, a Safe from a Mac is transferred to an iPhone for the first time, then SimpleumSafe creates a synchronization configuration as an encrypted QR code. This QR code is then photographed and evaluated by the iPhone. Afterwards the input of the Safe password is necessary and the Safe can be created and synchronized on the iPhone.
This additional security function protects the synchronization data from attackers. Even if they know the password and managed to steal the data from the cloud, they still lack the key file.