Envelope Encryption, How it Works and Why We Use It

Envelope encryption uses both asymmetric and symmetric encryption algorithms in tandem to provide the benefits of both. Learn how it works and how we use it at Zero!

Sam Magura

Public-key cryptography is an extremely widely used method of encrypting data, in which anyone who has the public key can encrypt a message, but only those who hold the private key can decrypt it. Public-key cryptography is great for keeping data secure because the private key never needs to be shared with parties that only encrypt messages. However, there is one major downside: public-key algorithms such as RSA are slow, and a single operation can only handle a payload a little shorter than the key itself (at most a couple of hundred bytes for RSA-2048), making them poorly suited to encrypting large volumes of data. Encryption services reflect this in their limits: for example, AWS Key Management Service caps a single Encrypt call at 4 KB of plaintext and expects callers to use envelope encryption for anything larger.

On the other hand, symmetric-key encryption algorithms like AES, which use the same key to both encrypt and decrypt, are orders of magnitude faster and have no practical limit on message size. But symmetric schemes have a key-distribution weakness: every party that can encrypt messages can also decrypt them, since a single key does both, so the key has to be handed to every writer, and a compromise of any writer exposes everything.

Introducing Envelope Encryption

What if we could combine the security of public-key cryptography with the performance of symmetric-key cryptography? That's exactly what envelope encryption does.

In envelope encryption, the message is encrypted with a symmetric algorithm under a freshly generated random key, usually called the data encryption key. That random key is then encrypted ("wrapped") with the public key and stored alongside the encrypted message. To read the message, a recipient must first unwrap the data key, which requires the private key.

This clever scheme really delivers the best of both worlds: the private key is still required to decrypt the message, but the expensive public-key operation runs only on a 32-byte key instead of on the original message, which could be gigabytes in size. This makes envelope encryption suitable when the decryption capability must be kept tightly held and the volume of data to encrypt is large. Envelope encryption is also a great approach when the volume of data is moderate but must be encrypted and decrypted frequently.
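To make the scheme concrete, here is an added example in Go (not Zero's code; Zero has not published its implementation) that seals a secret under a random AES-256-GCM data key, wraps that key with an RSA-2048 public key using OAEP, and opens it again with the private key. The names `Seal`, `Open`, `Envelope` and the sample secret are this example's own assumptions.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"log"
)

// oaepLabel binds the wrapped key to its purpose; both sides must use the same label.
var oaepLabel = []byte("envelope-dek-v1")

// Envelope is the stored form of one secret: the data encryption key (DEK)
// wrapped under the recipient's RSA public key, plus the AES-GCM nonce and
// ciphertext of the payload. Nothing in it is secret without the private key.
type Envelope struct {
	WrappedKey []byte // RSA-OAEP(pub, DEK); one RSA block (256 bytes for RSA-2048)
	Nonce      []byte // 12-byte AES-GCM nonce, fresh for each DEK
	Ciphertext []byte // AES-256-GCM(DEK, plaintext) with the 16-byte tag appended
}

// Seal encrypts plaintext with a fresh random 256-bit DEK, then wraps the DEK
// with the public key. aad is authenticated but not encrypted (e.g. a record
// ID), so an envelope cannot be moved to a different row unnoticed.
func Seal(pub *rsa.PublicKey, plaintext, aad []byte) (*Envelope, error) {
	dek := make([]byte, 32)
	if _, err := rand.Read(dek); err != nil {
		return nil, err
	}
	defer zero(dek) // the plaintext DEK lives only for the duration of this call

	block, err := aes.NewCipher(dek)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, plaintext, aad)

	// The slow public-key operation runs on 32 bytes, never on the payload.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dek, oaepLabel)
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ct}, nil
}

// Open unwraps the DEK with the private key and decrypts the payload. Any
// change to the ciphertext, nonce or aad fails GCM authentication.
func Open(priv *rsa.PrivateKey, env *Envelope, aad []byte) ([]byte, error) {
	dek, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, oaepLabel)
	if err != nil {
		return nil, fmt.Errorf("unwrap DEK: %w", err)
	}
	defer zero(dek)

	block, err := aes.NewCipher(dek)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	pt, err := gcm.Open(nil, env.Nonce, env.Ciphertext, aad)
	if err != nil {
		return nil, fmt.Errorf("decrypt payload: %w", err)
	}
	return pt, nil
}

// zero overwrites key material once it is no longer needed.
func zero(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

func main() {
	// Constructed demo. In production the private key would sit in an HSM or
	// KMS, and only the public key would be distributed to services that write.
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		log.Fatal(err)
	}
	secret := []byte("DATABASE_URL=postgres://app:hunter2@db.internal/prod") // constructed sample
	aad := []byte("secret-id=42")

	env, err := Seal(&priv.PublicKey, secret, aad)
	if err != nil {
		log.Fatal(err)
	}
	got, err := Open(priv, env, aad)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println("round trip ok:", bytes.Equal(got, secret))
}
```

Three choices here matter in practice. A new DEK is generated for every message, so a GCM nonce can never be reused under the same key, and a leak of one DEK exposes only one record. The DEK is wrapped with OAEP rather than PKCS#1 v1.5 padding, which has known padding-oracle attacks. And GCM's authentication, together with the record ID passed as additional authenticated data, means a tampered or relocated envelope is rejected rather than silently decrypted to garbage.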

Envelope Encryption at Zero

In the near future, Zero will begin applying envelope encryption to all data stored in its databases to protect your secrets at rest. Because the stored data can be read only with the private key, this prevents anyone with access to the database from reading your data, including members of the Zero team, with the exception of the one person who holds the private key.

The Zero team is currently working on end-to-end encryption, which will provide an even stronger guarantee. With end-to-end encryption, your secrets will already be encrypted before they reach Zero's servers, and they will be decrypted only on your own servers after you have used the Zero SDK to pull them down, so Zero never holds a key that can read them.