End-to-End Encryption
Overview
End-to-End Encryption (E2EE) is a core security measure designed to protect user data throughout its entire lifecycle. It ensures that user data is encrypted from the moment it is created on the device until it is decrypted by the intended recipient. Only the user or authorized devices can decrypt the data, while UnoLock itself does not have access to the encryption keys, ensuring the highest level of data privacy, even in the event of a server breach.
How It Works
- Client-Side Encryption: Data is encrypted on the user's device using AES-256 GCM, ensuring confidentiality and integrity.
- Data Transmission: The already-encrypted data is transmitted via TLS 1.3, which adds transport-layer protection against interception or tampering on the network.
- Storage & At-Rest Encryption: Once on UnoLock’s servers, the data remains encrypted using AES-256 at rest, adding a second encryption layer.
- Key Management: UnoLock operates under a zero-knowledge model, meaning it has no access to user encryption keys. Only the user can decrypt their data, maintaining complete control over access.
- Multi-Device Encryption: Encryption keys are securely shared across trusted devices via FIDO2/WebAuthn protocols, ensuring secure access across devices.
Security Implications
- Complete Data Confidentiality: Even if UnoLock servers are compromised, the encrypted data is unreadable without the user's decryption keys.
- Protection from Intermediaries: E2EE ensures that no intermediaries, including UnoLock, can access or alter the data.
- Regulatory Compliance: E2EE supports compliance with data protection regulations like GDPR and HIPAA, as sensitive data remains encrypted throughout its lifecycle.
Use Cases
- Individuals: Protects personal data such as legal documents, financial records, and sensitive information.
- Businesses: Maintains compliance while safeguarding proprietary or customer data.
- High-Risk Users: Journalists, activists, and executives can protect confidential information from unauthorized access, even in hostile environments.
Why It Matters
With the rising threat of data breaches, E2EE is critical to safeguarding sensitive data, providing users with peace of mind that their information remains private and under their control at all times.
FAQs
Can UnoLock access my encrypted data?
No, UnoLock operates under a zero-knowledge encryption model. Only the user holds the decryption keys.
What if my data is intercepted?
Data is encrypted on the device before it is sent, and additionally protected in transit (TLS 1.3) and at rest (AES-256), so intercepted data is unreadable without the proper keys.
Is E2EE compliant with data protection laws?
Yes, it supports compliance with GDPR, HIPAA, and other stringent regulations.
Compliance & Privacy Regulations
- GDPR & HIPAA: E2EE helps ensure compliance by encrypting personal and sensitive data, keeping it private and secure.
Integration with Other Features
- Local File Encryption: Ensures files are encrypted on the device before transmission.
- Multi-Device Access: Keeps data encrypted across different devices, using secure WebAuthn protocols for synchronization.