At Company Registry, your data's security and privacy are our top priorities. In this overview, we'll delve into the encryption methods we employ, namely XChaCha20-Poly1305 and AES-GCM-256, and discuss the advantages of end-to-end encryption (E2EE) where the server maintains zero knowledge of your data.

Encryption Methods

1. XChaCha20-Poly1305: XChaCha20-Poly1305 is a state-of-the-art authenticated encryption algorithm, which provides robust security and high performance. It employs the ChaCha20 stream cipher for encryption and the Poly1305 authenticator for data integrity. The extended nonce in XChaCha20 enhances resistance against nonce reuse attacks, making it suitable for long-term data storage and transmission.
2. AES-GCM-256: Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM) with a 256-bit key length is a widely adopted symmetric encryption algorithm. It offers strong security and efficiency, utilizing counter mode for encryption and a Galois field for authentication. AES-GCM-256 ensures confidentiality, integrity, and authenticity of your data, making it a trusted choice for secure communication and storage.

Pros of XChaCha20-Poly1305 and AES-GCM-256

• Robust Security: Both XChaCha20-Poly1305 and AES-GCM-256 are recognised as highly secure encryption algorithms, providing protection against various cryptographic attacks.
• Efficiency: These algorithms are designed for efficiency without compromising security, enabling fast encryption and decryption processes, which are crucial for real-time data storage and retrieval.
• Authenticated Encryption: Both algorithms combine encryption and authentication mechanisms, ensuring not only confidentiality but also data integrity and authenticity, safeguarding against unauthorised modifications or tampering.
• Widely Supported: XChaCha20-Poly1305 and AES-GCM-256 are widely supported across different platforms and programming languages, making them versatile choices for secure data storage and transmission.

Benefits of End-to-End Encryption (E2EE)

• Enhanced Privacy: With E2EE, your data is encrypted on the client-side before it leaves your device and remains encrypted during transit and storage on our servers. This ensures that only you, or those you authorise, can access the decrypted data, providing a higher level of privacy and confidentiality.
• Zero Knowledge Architecture: Our server infrastructure is designed in a way that ensures we have zero knowledge of the contents of your data. This means that even if compelled by legal or regulatory requirements, we cannot access or decrypt your data, as we do not possess the necessary keys.
• Protection Against Breaches: Since your data is encrypted end-to-end, even in the event of a server breach or unauthorised access, the encrypted data remains unintelligible to any third parties, providing an additional layer of protection against data breaches and unauthorised disclosure.

Our use of XChaCha20-Poly1305 and AES-GCM-256 encryption, coupled with end-to-end encryption principles, ensures that your data is securely stored and transmitted while maintaining your privacy and confidentiality. We are committed to providing a secure and trustworthy platform for storing your data.

Note: Your encryption keys are derived from your password using secure hashing algorithms with a per-user unique salt, so ensure you keep your password and your one-time recovery phrase safe and secure.