Elpass Encrypt Your Data

Spread the love

Elpass uses the most cutting-edge encryption algorithms. Here is a simplified summarization:

  1. First. The master password is hashed with Argon2id algorithm. This requires 256 MiB of dedicated RAM, and takes about 1.0 seconds on iPhone 11 Pro, to against a brute force attack. The salt for hashing is generated randomly while creating vault or changing the master password.
  2. The output of step 1 is the key to decrypt the encrypted part of Index file. This step uses XSalsa20+Poly1305 algorithm. Now the master key of the vault is extracted.
  3. Then, Elpass derives multiple sub-keys from the master key with BLAKE2B algorithm. Every file is encrypted with a distinguishing sub-key.
  4. Elpass uses the sub-key to encrypt your data with XSalsa20+Poly1305 algorithm.

Elpass uses libsodium as the algorithm provider, which is one of the most wildly used cryptographic libraries.

We open-source the part of the encryption part of our source code for anyone interested in inspecting it. You may find it here:

Spread the love