Encryption Whitepaper
Executive Summary
CYFR Technologies operates a zero-knowledge architecture across all products. This whitepaper documents the cryptographic design, key management protocols, and security guarantees that underpin the CYFR platform.
Cryptographic Primitives
| Primitive | Algorithm | Key Size | Standard |
|---|---|---|---|
| File Encryption | AES-256-GCM | 256 bits | NIST SP 800-38D |
| Key Derivation | PBKDF2-HMAC-SHA256 | — | RFC 8018 |
| Key Wrapping | AES-KW | 256 bits | RFC 3394 |
| Transport Security | TLS 1.3 | Ephemeral | RFC 8446 |
| HLS Segment Encryption | AES-128-CBC | 128 bits | RFC 8216 |
| Digital Signatures | ECDSA P-256 | 256 bits | FIPS 186-4 |
| Hashing | SHA-256 | — | FIPS 180-4 |
Key Hierarchy
```
┌─────────────────────────────────────┐
│ Master Key (customer-held, offline) │
└──────────────┬──────────────────────┘
               │ derives
┌──────────────▼──────────────────────┐
│ Account Key (per-tenant)            │
└──────────────┬──────────────────────┘
               │ wraps
┌──────────────▼──────────────────────┐
│ Content Key (per file/stream)       │
└──────────────┬──────────────────────┘
               │ delivered via
┌──────────────▼──────────────────────┐
│ Session Key (per-viewer, ephemeral) │
└─────────────────────────────────────┘
```
Zero-Knowledge Guarantee
CYFR infrastructure never possesses unencrypted customer data or the keys required to decrypt it. Encryption is performed client-side before transmission. Key material exists only in the customer's environment and in authorized viewer sessions.
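The top three layers of the key hierarchy, combined with client-side encryption, can be sketched as follows. This is an added example using Node's built-in `crypto` module, not CYFR's code: the function names, the tenant-based salt and the iteration count are assumptions, since the whitepaper does not state its derivation parameters, and the session-key layer is left out.

```javascript
// Added illustration of the key hierarchy; not CYFR's implementation.
const crypto = require("node:crypto");

const RFC3394_IV = Buffer.alloc(8, 0xa6); // default AES-KW integrity check value

// Master Key -> Account Key (PBKDF2-HMAC-SHA256). Salt format and iteration
// count are assumptions; the whitepaper does not state them.
function deriveAccountKey(masterKey, tenantId, iterations = 100000) {
  return crypto.pbkdf2Sync(masterKey, `tenant:${tenantId}`, iterations, 32, "sha256");
}

// Account Key wraps Content Key (AES-KW, RFC 3394): 32-byte key -> 40 bytes.
function wrapContentKey(accountKey, contentKey) {
  const c = crypto.createCipheriv("aes256-wrap", accountKey, RFC3394_IV);
  return Buffer.concat([c.update(contentKey), c.final()]);
}

// Throws if the wrapped blob was altered or the wrong account key is used.
function unwrapContentKey(accountKey, wrapped) {
  const d = crypto.createDecipheriv("aes256-wrap", accountKey, RFC3394_IV);
  return Buffer.concat([d.update(wrapped), d.final()]);
}

// Content Key encrypts the file (AES-256-GCM) with a fresh 96-bit nonce.
function encryptFile(contentKey, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", contentKey, iv);
  const ciphertext = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ciphertext, tag: c.getAuthTag() };
}

function decryptFile(contentKey, { iv, ciphertext, tag }) {
  const d = crypto.createDecipheriv("aes-256-gcm", contentKey, iv);
  d.setAuthTag(tag); // final() throws if ciphertext or tag was modified
  return Buffer.concat([d.update(ciphertext), d.final()]);
}

// What leaves the client: wrapped content key, nonce, ciphertext and tag only.
function clientSideEncrypt(masterKey, tenantId, plaintext) {
  const accountKey = deriveAccountKey(masterKey, tenantId);
  const contentKey = crypto.randomBytes(32);
  return { wrappedKey: wrapContentKey(accountKey, contentKey), ...encryptFile(contentKey, plaintext) };
}

function clientSideDecrypt(masterKey, tenantId, stored) {
  const contentKey = unwrapContentKey(deriveAccountKey(masterKey, tenantId), stored.wrappedKey);
  return decryptFile(contentKey, stored);
}
```

The object returned by `clientSideEncrypt` contains no key that can be used without the master key, and both the AES-KW unwrap and the GCM tag check reject modified input rather than returning garbage.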
What This Means
- CYFR cannot access customer content under any circumstances
- A subpoena directed at CYFR can produce encrypted data and metadata — not plaintext
- A compromise of CYFR infrastructure does not expose customer data
- A malicious CYFR employee cannot read customer content
What This Does Not Mean
- Customers must secure their own keys — lost keys mean lost data
- Authorized viewers who possess session keys can access content
- Metadata (timestamps, access patterns, content titles) is visible to CYFR for operational purposes
Third-Party Audit
CYFR's cryptographic implementation is reviewed annually by independent security assessors as part of our SOC 2 Type II examination. The most recent review found no material weaknesses in the encryption architecture.
Compliance
This architecture supports compliance with:
- SOC 2 Type II (Security + Availability)
- ISO/IEC 27001:2022
- HIPAA (with BAA)
- GDPR (with DPA + SCC)
- FedRAMP Moderate (in progress)
For audit reports, contact compliance@cyfr.technology.