Alternate Private Keys (APKs) are intended for advanced users only. APKs are not necessary for Atakama to operate normally, safely, and securely.
APKs allow you to simultaneously protect your files with both Atakama multi-device encryption and traditional public-key encryption. In a disaster-like situation in which no threshold number of Atakama devices are available to recover your files, the APK may be used as a “master key” to decrypt your files en masse.
In Atakama, the contents of each file are encrypted with a unique AES key. In standard operation, the AES key is copied and split into multiple pieces - one for each device - before the original key is discarded. When attempting to open and decrypt the file, a threshold number of devices must consent to returning their key-pieces in order for the AES key to be reassembled.
When an APK is in use by Atakama, the AES key is encrypted with the APK before the AES key is split into pieces. This newly-encrypted AES key is stored in .kama files along with the encrypted content and other important data. While files can still be decrypted individually using the standard multi-device procedure, they can also be decrypted if the corresponding APK is available. The multi-device decryption procedure is always preferable from a security standpoint because just the one AES key for an individual file is exposed when it’s opened. However, when the APK private key is present, all AES keys could be exposed.
Important Security Considerations and Disclaimers
You must be confident that the APK is itself secure from malicious actors. Possession of the single APK grants access to all files protected with the APK. To limit the probability of an intrusion:
- Do not generate the public-private key pair on any computer running Atakama
- Keep the APK on an “offline device” that is not connected to the internet or any network
- Never transfer the APK to any computer running Atakama
- Only transfer the public key to the computer(s) running Atakama
When used, an APK effectively bypasses Atakama’s multi-device threshold protection and increases the risk of an intrusion. If you do not have business or technical policies that require the use of an APK, we recommend establishing forms of redundancy within Atakama’s multi-device approach such as adding additional devices or generating additional recovery wordsets.
Any changes to an APK in Atakama, whether adding it the first time, changing it, or removing it, apply only to files created after the change.
- If you create or protect files prior to adding the APK, they would not be recoverable in a disaster scenario using the APK.
- To use an APK with files that are already protected by Atakama, those files must first be decrypted (removed from Atakama), then protected again.
- If you are removing or changing the APK, the files that were created using the APK will be unchanged.
If removal of an APK from a file is required, please open a support ticket.