Understanding Encryption Modes: SSE vs CSE vs CSE+Escrow
Not all encryption is created equal. Learn the differences between server-side encryption, client-side encryption, and zero-knowledge architectures.
When it comes to protecting your sensitive documents and digital assets, understanding how your data is encrypted is crucial. Not all encryption is created equal, and the level of security you need depends on the sensitivity of your information.
The Three Tiers of Protection
Inheritfy offers three encryption modes, each with its own balance of security, convenience, and control. Most platforms only offer server-side encryption, but we give you a choice: Server-Side Encryption (SSE), Client-Side Encryption (CSE), and Client-Side Encryption with Escrow Recovery (CSE+Escrow).
Server-Side Encryption (SSE): Convenient and Secure
SSE is the most straightforward encryption approach and is suitable for most users. Here's how it works:
How It Works
- You upload files to the platform
- The platform encrypts your data on their servers using AES-256 encryption
- The platform manages the encryption keys
- Your data is encrypted at rest and in transit
Pros
- Convenience: No need to manage encryption keys yourself
- Easy recovery: Password reset flows work normally
- Reliable delivery: Beneficiaries receive files without needing special keys
- Strong security: AES-256 encryption is what banks and governments use
Cons
- Trust required: You're trusting the platform to properly secure your data
- Theoretical access: Platform employees could theoretically access your data (though reputable platforms have strict policies preventing this)
- Legal vulnerabilities: Government subpoenas could compel the platform to provide access
Best For
SSE is ideal for users storing moderately sensitive documents like insurance policies, medical records, and family photos. If you trust the platform and want maximum convenience, SSE provides excellent protection for most use cases.
Client-Side Encryption (CSE): You Control the Keys
CSE takes security to the next level by encrypting data on your device before it ever reaches the platform's servers.
Understanding Encryption Basics
To understand why CSE is powerful, you need to know how encryption actually works:
- Encryption transforms your readable data into scrambled gibberish using a mathematical algorithm (like AES-256)
- The encryption key is like a password - a long string of random characters that controls the transformation
- Without the key, encrypted data is useless - even with supercomputers, it would take billions of years to crack AES-256
- The key is the only way to reverse the process and turn the scrambled data back into your original files
With SSE, the platform holds the key to your vault. With CSE, only you hold the key. That's the critical difference.
How It Works
- You create a master encryption key on your device
- Your files are encrypted locally using this key
- Only encrypted data is uploaded to the platform
- You must securely store and remember your master key
- The platform never has access to your unencrypted data or master key
Pros
- Maximum privacy: Only you can decrypt your files
- Zero-knowledge security: We cannot see your data because we never have your encryption key
- Protection from breaches: Even if our servers are compromised, your data remains encrypted
- Legal protection: We cannot comply with data requests because we don't have the keys to decrypt your files
Cons
- Key management responsibility: Losing your master key means permanently losing access to your files
- No password recovery: Traditional "forgot password" flows don't work
- Beneficiary complexity: You must securely share the master key with beneficiaries
Best For
CSE is perfect for users storing highly sensitive information like financial documents, legal records, cryptocurrency keys, or confidential business information. If you're comfortable managing encryption keys and want absolute privacy, CSE is the way to go.
CSE+Escrow Recovery: The Best of Both Worlds
CSE+Escrow (also called CSE+ER) solves the key management problem of pure CSE through an innovative approach called Shamir's Secret Sharing.
How It Works
This is where cryptography gets really clever:
- Your master encryption key is mathematically split into multiple "shares" (typically 4-5 pieces)
- Each share is given to a different trustee you designate
- A threshold number of shares (e.g., 3 out of 4) are needed to reconstruct the key
- No single share reveals anything about the key
- The platform might hold one or two shares, but never enough to decrypt alone
The Magic of Shamir's Secret Sharing
Think of it like a bank vault that requires multiple keys to open. Here's what makes it special:
- If you lose one share, you can still recover your key with the others
- No single trustee can access your data alone
- Even if the platform is compromised, attackers get only one share (useless without the others)
- If a trustee becomes unavailable, you still have enough shares to access your vault
Pros
- Zero-knowledge security: Like CSE, your data is encrypted before upload
- Key recovery protection: You won't lose everything if you forget your key
- Distributed trust: No single entity can access your data
- Resilience: System continues working even if some trustees are unavailable
- Automatic beneficiary access: When trustees verify your status, they can combine shares to release your vault
Cons
- Complexity: Requires understanding of the system and careful trustee selection
- Trustee coordination: Requires multiple trusted individuals who will remain available
- Higher cost: Usually available only on premium tiers due to increased complexity
Best For
CSE+Escrow is ideal for users who want maximum security but also need resilience. Perfect for sensitive legal documents, cryptocurrency wallets, business secrets, or anyone who wants zero-knowledge architecture with a safety net.
Choosing the Right Encryption Mode
Here's a quick decision framework:
Choose SSE if:
- You want maximum convenience
- You're comfortable trusting a reputable platform
- You're storing moderately sensitive documents
- You want easy password recovery
Choose CSE if:
- You need maximum privacy and control
- You're comfortable managing encryption keys
- You're storing highly sensitive information
- You don't need password recovery
Choose CSE+Escrow if:
- You need maximum security with a safety net
- You have trusted individuals who can serve as key holders
- You're managing high-value assets
- You want zero-knowledge architecture with recovery options
Real-World Security Example
To understand the practical difference, consider this scenario: A government agency issues a subpoena for your data.
- With SSE: The platform could potentially be compelled to provide access to your encrypted data and decrypt it.
- With CSE: The platform can only provide encrypted data they cannot decrypt. You'd need to be compelled to provide your key.
- With CSE+Escrow: The platform has only one share of your key (useless alone). Multiple trustees would need to be compelled independently, making it far more difficult.
The Bottom Line
There's no one-size-fits-all answer. Your choice depends on your threat model, the sensitivity of your data, and your comfort with key management. Many platforms allow you to use different encryption modes for different vaults, so you can use CSE+Escrow for your most sensitive documents and SSE for family photos.
The key is to understand the trade-offs and choose the level of security that matches your needs. Whether you prioritize convenience, absolute privacy, or resilient recovery, picking the right encryption mode protects your data according to your actual threat model.
Want to explore different encryption modes?
Inheritfy offers all three encryption modes, allowing you to choose the right balance of security and convenience for your needs.
Start Your Free Trial