An external user (Bob) does not have a subscribed SDS Encryption Portal account. When another user wants to encrypt files for him, SDS Encryption Portal will generate the following keys:
- An external public key (blue key in the diagram). This key is published in the external directory in the SDS cloud service and can be accessed by all internal and external users. It allows these users to protect files for Bob.
- An external private key (red key in the diagram). It allows Bob to decrypt files that were protected for him. Unlike keys for internal users, the external private key is stored in the SDS cloud service.
Keys are associated with the user’s e-mail address. They remain the same throughout the use of the SDS Encryption Portal.
The keystore of an external user, which will be used to decrypt files, contains only the external private key.