> Your encryption key is derived from a master key plus your user ID using PBKDF2 (a secure key derivation function). This means even if someone got access to the database, they couldn't decrypt your data without your specific key.
> Your text gets encrypted on our server using your unique key. The encrypted data gets stored in our database
> When you need it on another device, we decrypt it and send it to you
Please stop advertising this as E2EE.
If you encrypt/decrypt the data on the server, you must have the keys. If someone gets access to the server, they can just decrypt everything since the master key is right there. You might as well base64 encode everything and call that encryption.
E2EE is where only the clients have the keys. Data is encrypted before sending to the server, and decrypted after receiving from the server. That's why it's called end-to-end: the server only ever handles encrypted data that it doesn't have the keys to decrypt.
> Your text gets encrypted on our server using your unique key. The encrypted data gets stored in our database
> When you need it on another device, we decrypt it and send it to you
Please stop advertising this as E2EE.
If you encrypt/decrypt the data on the server, you must have the keys. If someone gets access to the server, they can just decrypt everything since the master key is right there. You might as well base64 encode everything and call that encryption.
E2EE is where only the clients have the keys. Data is encrypted before sending to the server, and decrypted after receiving from the server. That's why it's called end-to-end: the server only ever handles encrypted data that it doesn't have the keys to decrypt.