Encryption Whitepaper

Executive Summary

CYFR Technologies operates a zero-knowledge architecture across all products. This whitepaper documents the cryptographic design, key management protocols, and security guarantees that underpin the CYFR platform.

Cryptographic Primitives

Primitive                Algorithm            Key Size    Standard
File Encryption          AES-256-GCM          256 bits    NIST SP 800-38D
Key Derivation           PBKDF2-HMAC-SHA256   -           RFC 8018
Key Wrapping             AES-KW               256 bits    RFC 3394
Transport Security       TLS 1.3              Ephemeral   RFC 8446
HLS Segment Encryption   AES-128-CBC          128 bits    RFC 8216
Digital Signatures       ECDSA P-256          256 bits    FIPS 186-4
Hashing                  SHA-256              -           FIPS 180-4

Key Hierarchy

┌─────────────────────────────────────┐
│ Master Key (customer-held, offline) │
└──────────────┬──────────────────────┘
               │ derives
┌──────────────▼──────────────────────┐
│ Account Key (per-tenant)            │
└──────────────┬──────────────────────┘
               │ wraps
┌──────────────▼──────────────────────┐
│ Content Key (per file/stream)       │
└──────────────┬──────────────────────┘
               │ delivered via
┌──────────────▼──────────────────────┐
│ Session Key (per-viewer, ephemeral) │
└─────────────────────────────────────┘
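
The top three layers of the hierarchy above, sketched with the primitives from the table as an added example (not CYFR's code): PBKDF2-HMAC-SHA256 derives the account key, AES-KW wraps a per-file content key, and AES-256-GCM encrypts the file on the client. The salt, iteration count, use of the file ID as associated data, and all function names are assumptions; the session-key layer is omitted.

```javascript
// Added illustration using Node's built-in crypto; not CYFR's implementation.
const crypto = require('node:crypto');

const KW_IV = Buffer.from('A6A6A6A6A6A6A6A6', 'hex'); // RFC 3394 default initial value
const PBKDF2_ITERATIONS = 600000; // assumed; the page states no iteration count

// Master secret -> per-tenant account key (PBKDF2-HMAC-SHA256, 256-bit output).
function deriveAccountKey(masterSecret, tenantSalt) {
  return crypto.pbkdf2Sync(masterSecret, tenantSalt, PBKDF2_ITERATIONS, 32, 'sha256');
}

// Account key wraps a content key with AES-KW; output is 8 bytes longer than the input.
function wrapKey(accountKey, contentKey) {
  const c = crypto.createCipheriv('id-aes256-wrap', accountKey, KW_IV);
  return Buffer.concat([c.update(contentKey), c.final()]);
}

// Unwrapping throws if the account key is wrong or the wrapped blob was altered.
function unwrapKey(accountKey, wrapped) {
  const d = crypto.createDecipheriv('id-aes256-wrap', accountKey, KW_IV);
  return Buffer.concat([d.update(wrapped), d.final()]);
}

// Encrypt one file under a fresh content key. Only the returned record
// (ciphertext, nonce, tag, wrapped key) would leave the client.
function encryptFile(accountKey, plaintext, fileId) {
  const contentKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12); // 96-bit GCM nonce; the key is used once
  const c = crypto.createCipheriv('aes-256-gcm', contentKey, iv);
  c.setAAD(Buffer.from(fileId)); // assumption: bind ciphertext to its file ID
  const ciphertext = Buffer.concat([c.update(plaintext), c.final()]);
  return { fileId, iv, ciphertext, tag: c.getAuthTag(),
           wrappedKey: wrapKey(accountKey, contentKey) };
}

// Decrypt a record; throws on a wrong key, modified ciphertext or mismatched file ID.
function decryptFile(accountKey, rec) {
  const contentKey = unwrapKey(accountKey, rec.wrappedKey);
  const d = crypto.createDecipheriv('aes-256-gcm', contentKey, rec.iv);
  d.setAAD(Buffer.from(rec.fileId));
  d.setAuthTag(rec.tag);
  return Buffer.concat([d.update(rec.ciphertext), d.final()]);
}
```

A server that stores only the record returned by `encryptFile` holds the ciphertext and the wrapped content key, neither of which is usable without the account key derived on the client.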

Zero-Knowledge Guarantee

CYFR infrastructure never possesses unencrypted customer data or the keys required to decrypt it. Encryption is performed client-side before transmission. Key material exists only in the customer's environment and in authorized viewer sessions.

What This Means

  • CYFR cannot access customer content under any circumstances
  • A subpoena directed at CYFR can produce encrypted data and metadata — not plaintext
  • A compromise of CYFR infrastructure does not expose customer data
  • A malicious CYFR employee cannot read customer content

What This Does Not Mean

  • Customers must secure their own keys — lost keys mean lost data
  • Authorized viewers who possess session keys can access content
  • Metadata (timestamps, access patterns, content titles) is visible to CYFR for operational purposes

Third-Party Audit

CYFR's cryptographic implementation is reviewed annually by independent security assessors as part of our SOC 2 Type II examination. The most recent review found no material weaknesses in the encryption architecture.

Compliance

This architecture supports compliance with:

  • SOC 2 Type II (Security + Availability)
  • ISO/IEC 27001:2022
  • HIPAA (with BAA)
  • GDPR (with DPA + SCC)
  • FedRAMP Moderate (in progress)

For audit reports, contact compliance@cyfr.technology.