
Understanding Encryption Modes: SSE vs CSE vs CSE+Escrow

Not all encryption is created equal. Learn the differences between server-side encryption, client-side encryption, and zero-knowledge architectures.

Inheritfy Team
10 min read

When it comes to protecting your sensitive documents and digital assets, understanding how your data is encrypted is crucial. Not all encryption is created equal, and the level of security you need depends on the sensitivity of your information.

The Three Tiers of Protection

Inheritfy offers three encryption modes, each with its own balance of security, convenience, and control. Most platforms only offer server-side encryption, but we give you a choice: Server-Side Encryption (SSE), Client-Side Encryption (CSE), and Client-Side Encryption with Escrow Recovery (CSE+Escrow).

Server-Side Encryption (SSE): Convenient and Secure

SSE is the most straightforward encryption approach and is suitable for most users. Here's how it works:

How It Works

  • You upload files to the platform
  • The platform encrypts your data on its servers using AES-256
  • The platform generates, stores and manages the encryption keys, so it can decrypt your data at any time without you
  • Your data is encrypted at rest and in transit

Pros

  • Convenience: No need to manage encryption keys yourself
  • Easy recovery: Password reset flows work normally
  • Reliable delivery: Beneficiaries receive files without needing special keys
  • Strong cipher: AES-256 is the same algorithm banks and governments use; the weak point of SSE is never the cipher but who holds the key

Cons

  • Trust required: You're trusting the platform's key management, access controls and staff, not just its choice of cipher
  • Insider access: Anyone at the platform with access to the keys can decrypt your data. Reputable platforms limit this with access controls and audit logging, but those are policies, not mathematics
  • Legal exposure: A subpoena or court order can compel the platform to decrypt your data and hand it over, and it can do so without your involvement

Best For

SSE is ideal for users storing moderately sensitive documents like insurance policies, medical records, and family photos. If you trust the platform and want maximum convenience, SSE provides excellent protection for most use cases.

Client-Side Encryption (CSE): You Control the Keys

CSE takes security to the next level by encrypting data on your device before it ever reaches the platform's servers.

Understanding Encryption Basics

To understand why CSE is powerful, you need to know how encryption actually works:

  • Encryption transforms your readable data into scrambled gibberish using a mathematical algorithm (like AES-256)
  • The encryption key is a long random number (256 bits for AES-256) that controls the transformation
  • Without the key, encrypted data is useless: brute-forcing a random 256-bit key is infeasible for any computer that can be built. The practical weak point is a key derived from a guessable password, which is why the key should be generated randomly, or derived from a strong passphrase with a deliberately slow key-derivation function
  • The key is the only way to reverse the process and turn the scrambled data back into your original files

With SSE, the platform holds the key to your vault. With CSE, only you hold the key. That's the critical difference.

How It Works

  • You create a master encryption key on your device
  • Your files are encrypted locally using this key
  • Only encrypted data is uploaded to the platform
  • You must securely store and remember your master key
  • The platform never has access to your unencrypted data or master key

Pros

  • Maximum privacy: Only you can decrypt your files
  • Zero-knowledge security: The platform stores only ciphertext and never holds the key, so it cannot read your data (this is "zero-knowledge" in the sense storage providers use, not the cryptographic proof technique)
  • Protection from breaches: Even if our servers are compromised, your data remains encrypted
  • Legal exposure limited to ciphertext: A data request can only be answered with ciphertext, which is useless without your key. Metadata the platform handles in the clear, such as file sizes, timestamps and filenames if they are not encrypted too, remains visible to it

Cons

  • Key management responsibility: Losing your master key means permanently losing access to your files
  • No password recovery: Traditional "forgot password" flows don't work
  • Beneficiary complexity: You must securely share the master key with beneficiaries

Best For

CSE is perfect for users storing highly sensitive information like financial documents, legal records, cryptocurrency keys, or confidential business information. If you're comfortable managing encryption keys and want absolute privacy, CSE is the way to go.

CSE+Escrow Recovery: The Best of Both Worlds

CSE+Escrow (also called CSE+ER) solves the key management problem of pure CSE with a well-established threshold scheme, Shamir's Secret Sharing (published by Adi Shamir in 1979).

How It Works

This is where cryptography gets really clever:

  • Your master encryption key is mathematically split into multiple "shares" (typically 4-5 pieces)
  • Each share is given to a different trustee you designate
  • A threshold number of shares (e.g., 3 out of 4) are needed to reconstruct the key
  • Fewer than the threshold number of shares reveal nothing about the key, not even partial information
  • The platform might hold a share, but never enough to decrypt on its own. For the scheme to stay zero-knowledge, shares must be combined on a trustee's or beneficiary's device, never on the platform, because whoever runs the combination learns the key

The Magic of Shamir's Secret Sharing

Think of it like a bank vault that requires multiple keys to open. Here's what makes it special:

  • If you lose one share, you can still recover your key with the others, as long as at least the threshold number remain
  • No single trustee can access your data alone
  • Even if the platform is compromised, attackers get only the share it holds, which is useless without the others
  • If a trustee becomes unavailable, you still have enough shares to access your vault

Pros

  • Zero-knowledge security: Like CSE, your data is encrypted before upload
  • Key recovery protection: You won't lose everything if you forget your key
  • Distributed trust: No single entity can access your data
  • Resilience: System continues working even if some trustees are unavailable
  • Beneficiary access without a pre-shared key: When your trustees verify your status, they combine their shares to release your vault, so no beneficiary needs to have been handed the master key in advance

Cons

  • Complexity: Requires understanding of the system and careful trustee selection
  • Trustee coordination: Requires multiple trusted individuals who will remain available
  • Higher cost: Usually available only on premium tiers due to increased complexity

Best For

CSE+Escrow is ideal for users who want maximum security but also need resilience. Perfect for sensitive legal documents, cryptocurrency wallets, business secrets, or anyone who wants zero-knowledge architecture with a safety net.

Choosing the Right Encryption Mode

Here's a quick decision framework:

Choose SSE if:

  • You want maximum convenience
  • You're comfortable trusting a reputable platform
  • You're storing moderately sensitive documents
  • You want easy password recovery

Choose CSE if:

  • You need maximum privacy and control
  • You're comfortable managing encryption keys
  • You're storing highly sensitive information
  • You don't need password recovery

Choose CSE+Escrow if:

  • You need maximum security with a safety net
  • You have trusted individuals who can serve as key holders
  • You're managing high-value assets
  • You want zero-knowledge architecture with recovery options

Real-World Security Example

To understand the practical difference, consider this scenario: A government agency issues a subpoena for your data.

  • With SSE: The platform holds the keys, so it can be compelled to decrypt your data and hand it over without your involvement.
  • With CSE: The platform can only hand over ciphertext it cannot decrypt. You yourself would have to be compelled to provide your key.
  • With CSE+Escrow: The platform holds at most its own share, which is useless alone. Reaching the threshold means compelling several trustees independently, which is far more difficult.

The Bottom Line

There's no one-size-fits-all answer. Your choice depends on your threat model, the sensitivity of your data, and your comfort with key management. Many platforms allow you to use different encryption modes for different vaults, so you can use CSE+Escrow for your most sensitive documents and SSE for family photos.

The key is to understand the trade-offs and choose the level of security that matches your needs. Whether you prioritize convenience, absolute privacy, or resilient recovery, picking the right encryption mode protects your data according to your actual threat model.

Want to explore different encryption modes?

Inheritfy offers all three encryption modes, allowing you to choose the right balance of security and convenience for your needs.

Tags: encryption, AES-256, zero-knowledge, Shamir secret sharing