Where are the keys stored?

For the Crypteron managed security platform, storage is as follows:

  1. The encrypted DEKs are kept in a secure database. They are encrypted at-rest as well as in-transit.
  2. The encrypted KEKs are stored in an internal NoSQL datastore. They are encrypted at-rest as well as in-transit.
  3. The master elliptic curve encryption key (technically the private key for decryption) is stored on the application server inside a secured certificate vault. A long term, encrypted copy is stored on an offline encrypted volume for business continuity purposes.

For enterprise self-hosted plans, the organization controls how keys can be stored. Typically it is as follows:

  1. The encrypted DEKs are stored in an internal NoSQL datastore – the keychain file, which can be on the application server OR an external file or blob server. Such underlying storage can technically be be untrusted since the keychain is always encrypted.
  2. The elliptic curve keys are stored on the application server inside a secured certificate vault. We recommend keeping a long term encrypted copy at a secure location for business continuity purposes.

Recent blog posts

Migrating existing live data into Crypteron

You’re already live in production. And you have sensitive in the clear. Read this article to see how Crypteron can help.

Encryption, Entity Framework and Projections

Projections in Entity Framework live outside the entity lifecycle. Read more to learn how your can use Crypteron to secure such data.

PCI DSS and key rotations simplified

PCI compliance requires data encryption keys to be changed frequently. Here is how you can do it easily.

Your data-center is not secure and what you can do about it

There is no secure perimeter anymore. Neither in your corporate network nor in your data center. Fight a winning battle armed with self-protecting data rather than a losing one trying to protecting the infrastructure.

Introducing the Crypteron Startup Innovators Program

Qualifying startups get up to 50% off all plans. Tell us how you’re changing the world and the our Startup Innovators Program will support your journey.

6 encryption mistakes that lead to data breaches

If encryption is so unbreakable, why do businesses and governments keep getting hacked? Six common encryption mistakes that lead to data breaches.

Announcing the new Crypteron Community Edition

Starting today you can now sign up for the Crypteron Community Edition for free with no performance limitations.

Data breach response – One click to save your business

Get breathing room – when you need it the most. Respond to a data breach with a single click.

Why We Need Proper Data-At-Rest Encryption: 191M U.S. Voters’ Data Exposed

Adding security at the application level is a large step forward in protecting data from the constant threat of data breaches

How to encrypt large files

CipherStor is blazingly fast! Here we show how to use it within your data-flow pipeline to maintain high performance when encrypting large files.