Now Bob can use is private key to decrypt $m$īob can then decrypt the items in the vault using the vault key, $V_k$. We can also allow for Bob to receive the encrypted items of that vault. But we can deliver $m$ to Bob the next time his 1Password client connects to the server. We can't decrypt $m$ because we don't have Bob's private key, $B_s$. Let's call the result of that encryption the message, $m$Īlice's 1Password program running on her machine will then send $m$ up to the server. When Alice shares a vault, say vault $V$ with Bob, she encrypts the vault key $V_k$ for that vault with Bob's public key, $B_p$. (Their private keys are encrypted with keys derived from the Master Password.) Alice's and Bob's key pairs are generated by the 1Password client running on their own machines when they first set things up so that we never see their private keys. The magic of public key encryption is that anyone can use Bob's public key to encrypt something to him, but only Bob, with is access to his secret key can decrypt it. Bob will have his public/secret key pair $B_p$ and $B_s$. So Alice has a public/private key pair which we will call $A_p$ for the public key and $A_s$ for her private key which she keeps secret. Note that we never have the vault key, so we can't decrypt the items in the vault (or even the name of the vault).Įach individual has a public/private key pair as part of what we call their "personal keyset". For synching and sharing the encrypted items in the vault are sent to our server. Let's suppose that Alice has created a vault $V$, and the vault key for it is $V_k$. Each vault has its own randomly generated vault key that is created by the users client when the vault is created. A vault will have a number of items in it. I will leave out some details here so that I can focus on the essential part of the question.ġPassword works with the notion of vaults, and vaults are what people share. What you are after is described in more detail in the 1Password Security Design document. Disclosure: I work for 1Password and had a hand to play in the design of exactly what you are asking about.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |