Protecting files in SDS Encryption Portal

SDS Encryption Portal combines asymmetric encryption with RSA, and symmetric encryption with AES. Every file has its own random key, which is generated when the file is created and every time content is changed. The file key is used to protect the file’s contents and to decrypt it. For more information, refer to the section Encryption algorithms.

This section describes how files are protected and decrypted in SDS Encryption Portal.

  1. When Alice, regardless of whether she is an internal or external user, uploads a file on SDS Encryption Portal, she must specify the e-mail address of the external user (Bob) for whom she is protecting the file.
  2. If Bob does not yet have an external public key, a pair of external keys will be generated for him.
  3. SDS Encryption Portal uses Bob’s external public key to protect the file for him.
  4. Alice makes the protected file available to SDMC, through SDS Encryption Portal Server side.

Protecting files for an external user

  1. After logging in to the SDS Encryption Portal external user Bob uploads a protected file.
  2. The file is decrypted directly on the portal using the user’s external private key.
  3. The file is then downloaded and saved on the user’s workstation.