De-Authorization of users/groups

jakobk

Hi Boxcryptor team,

I was recently exploring the Boxcryptor software for a paper at university, and I was wondering how the de-authorization process works. Somehow I could not find anything about it in the documentation.

My main questions are:
- What happens if you remove a user (group) from the authorization list of a file?
- Is the file re-encrypted with a new file key?
- Or is the encrypted file key of that user (group) only removed from the file (meaning that, if the user somehow kept the decrypted file key from earlier, he/she would still be able to decrypt the file)?

Thanks in advance for your answers!

Robert

Hi Jakob,

If you remove a user (or group) from an encrypted file, the encrypted file key of that user is removed from the file. If the user somehow kept the decrypted file key from earlier (e.g. by extracting it from the RAM). Boxcryptor itself does not offer any option to "export" the file key in any way.

The file is not re-encrypted with a new file key for various reasons (e.g. changing the permissions could cause hundreds of GB to be re-encrypted and thus having to re-sync).

Best regards,
Robert

jakobk

Hej Robert,

Thanks for your fast reply. This explains my questions.

Cheers,
Jakob