VoltShare FAQ

End-to-End encryption is trivial to achieve with any secure encryption algorithm (e.g. AES) if (1) the sender and the recipient(s) had a key shared securely in advance, and (2) no policy controls like time-limit or revocation are needed. VoltShare requires no pre-shared information about the recipient(s) other than what the sender already knows - e.g. email address. There is no list of public keys to maintain, no private key to protect locally, and integration with existing SSO makes using VoltShare across devices very easy. Finally, since the encryption is not based on the recipient’s public key, the recipient’s ability to decrypt any data is automatically revoked with SSO.

PGP encryption is a specific case of end-to-end encryption mentioned above. With PGP, the sender has to first obtain the recipients’ public keys and maintain them in a list - like a phonebook. This makes using PGP across devices cumbersome. The data is encrypted directly for a chosen recipient using her key and therefore encryption operation has to be repeated for every recipient. PGP is between sender and the recipient without any third party, and therefore it is impossible to enforce time limits or revoke recipient’s ability to decrypt data that she has not already decrypted.

No, VoltShare is unique in that Volterra’s infrastructure not only does not ever see the actual data, it does not even see the encryption key that the sender’s client application randomly generates to protect the data. In other words, Volterra does not see clear or encrypted data - everything remains on the users’ local machine during the encryption and the decryption process. During encryption/decryption operations, Volterra collects metadata for compliance, logging, and auditability purposes.

No, we do not transfer any secret information from the device to the Volterra cloud. All the encryption and decryption of data is completely local to the device.

No, as stated earlier, Volterra does not transfer and does not store any of users’ secret or encrypted secret in its cloud.

Volterra locally encrypts the data using well-known cryptographic algorithms (AES-GCM and RSA) and returns the encrypted data to the user. The encryption keys themselves are protected by other cryptographic keys protected by state-of-the-art Key Management System in Volterra SaaS infrastructure.

It depends on what information your data contains. If your data is some cat pictures, you can perhaps accept the risk of losing or exposing the data by storing it unencrypted. If you have something more valuable, you may want to assess the risks more seriously. There are plenty of reasons to believe that unencrypted data will be exposed sooner or later no matter which cloud service you use. If you have compliance obligations, then storing in-scope unencrypted data may not be allowed.

We are always on top of all-things-security and do not expect this, but in the absolute worst case scenario, even if Volterra is fully compromised - as in all the keys are accessible - the hacker will have to find the encrypted data (still in customer’s possession) and decrypt it via the hacked route. Unless the hacker has access to the encrypted data AND hacks Volterra to a level where it bypasses all the policy checks AND directly accesses the Key Management System without anyone noticing, no significant risk is posed.

Since we are not in the business of storing customer’s sensitive information, the government can only get very little help from us with respect to your data.

Volterra VoltShare does not replace any shared/collaboration storage service -- we help you store data in these storage solutions such that you don’t rely solely on these cloud providers for privacy and security of your data. If these storage services are ever compromised (externally or from within) or are forced to hand-over data to any government agency, your data will not be compromised as it is encrypted without relying on your storage provider technology.

End-to-end encryption technology used by some cloud storage providers does a great job in encrypting the file and metadata on users devices so that their cloud servers and storage can never see the data. They also provide controls like how many days can the data be decrypted. However, they moved the problem of securely sharing the data to securely sharing the password that needs to be used to decrypt the data. Volterra VoltShare ensures that the sender does not have to ever worry about creating and securing a “password” that is required to decrypt the data.

Unfortunately, shared passwords providers recommend that you encrypt the password with the public key of the user that is not already on their platform. If you want to share a password with a user, the recipient has to enroll on their platform as that is required by the client software to encrypt the secret before storing it in their platform. Moreover, since we don't store any customer data in any vault, we don't suffer from complex security needs of a centralized vault.

Some group messaging systems implement end-to-end encryption (eg. Whatsapp, Telegram, or Signal) whereas others only implement client-to-server encryption (eg. Slack). Those systems that provide end-to-end encryption try to ensure that only you and the person you’re communicating with can read what is sent and nobody in between, including the messaging provider, can read the information. This works perfectly for private conversation between two people but there are flaws for groups. For example, WhatsApp’s end-to-end encryption is based on signal protocol that is vulnerable when changes to the group are made - adding and removing members is not end-to-end encrypted. This means that in some cases, if their servers were hacked or someone from the inside is compromised, they can add a member and eavesdrop on the conversation and get access to the data. This technique can also be used as a backdoor to give access to government agencies.

Even though major cloud storage providers spend significant resources in ensuring data is securely stored, there have been breaches by external hackers or internal employees. While you want to continue to use these tools as they ease your day-to-day workflows, you still want to ensure that your data is encrypted such that only you or members of shared groups are able to unencrypt the data without relying on the underlying security solution of your storage provider. VoltShare ensures that none of your secret data is ever transmitted or stored in any cloud service (including our own service).