Decrypting a user's data with an old key or a delegation key

With the help of decryption keys, SDS Enterprise makes it possible to decrypt files and messages transparently when they are encrypted by a key other than the user's current key.

SDS Enterprise allows two types of decryption keys:

  • Former private keys. When users renew their encryption keys (or personal keys), their former keys are automatically moved to a location where all their former decryption keys are kept,
  • Delegation keys. These are encryption keys that coworkers can share with other users, to allow them to decrypt documents or messages that were encrypted for their use.