Alternate Private Keys (APKs) are intended for advanced users only. Using an APK is optional; it is not necessary for Atakama to operate safely and securely in the normal use case.
APKs allow you to simultaneously protect your files with both Atakama multi-device encryption and traditional public-key encryption. In a disaster-like situation in which no threshold number of Atakama devices are available to recover your files, the APK may be used as a “master key” to decrypt your files en masse.
With Atakama, the contents of each file are encrypted with a unique AES key. In standard operation, the AES key is copied and split into multiple pieces - one piece for each device - before the original key is discarded. When attempting to open and decrypt the file, a threshold number of devices must consent to returning their key-pieces in order for the AES key to be reassembled.
When an APK is used, the AES key is encrypted with the APK before the AES key is split into pieces. This newly-encrypted AES key is stored in .kama files along with the encrypted content and other important data. While files can still be decrypted individually using the standard multi-device process, they can also be decrypted with the corresponding APK. The multi-device decryption process is always preferable from a security standpoint because only the one AES key for an individual file is exposed when the file is decrypted. The APK private key, however, can potentially expose all the individual AES keys being used to encrypt files.
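As an added illustration (not Atakama's code), the sketch below shows a threshold split and reassembly of a per-file AES key as described above. The page does not say which splitting scheme Atakama uses; Shamir's secret sharing, the function names `split_key` and `reassemble_key`, and the 3-of-5 device setup are assumptions made for this example.

```python
import secrets

# Field modulus: a Mersenne prime comfortably larger than a 256-bit AES key.
PRIME = 2**521 - 1

def split_key(key, n_devices, threshold):
    """Return n_devices (x, y) pieces; any `threshold` of them rebuild `key`."""
    if not 1 <= threshold <= n_devices:
        raise ValueError("threshold must be between 1 and n_devices")
    secret = int.from_bytes(key, "big")
    # Random polynomial of degree threshold-1 with the key as constant term.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    pieces = []
    for x in range(1, n_devices + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation mod PRIME
            y = (y * x + c) % PRIME
        pieces.append((x, y))
    return pieces

def reassemble_key(pieces, key_len=32):
    """Lagrange-interpolate the polynomial at x = 0.

    Returns the key bytes, or None when the value cannot be a key_len-byte key.
    With fewer than `threshold` pieces the result is unrelated to the real key.
    """
    secret = 0
    for i, (xi, yi) in enumerate(pieces):
        num, den = 1, 1
        for j, (xj, _) in enumerate(pieces):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    if secret >= 2 ** (8 * key_len):
        return None
    return secret.to_bytes(key_len, "big")

if __name__ == "__main__":
    file_key = secrets.token_bytes(32)          # constructed per-file AES key
    pieces = split_key(file_key, n_devices=5, threshold=3)
    print(reassemble_key(pieces[:3]) == file_key)   # three devices consent
    print(reassemble_key(pieces[:2]) == file_key)   # only two devices reachable
```

The second case is the disaster scenario an APK is meant to cover: with too few devices available, the AES key cannot be rebuilt from the pieces alone.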
Important Security Considerations and Disclaimers
You must be confident that the APK is itself secure from malicious actors. Possession of the single APK can grant access to all files protected with the APK. To limit the probability of an intrusion:
- Do not generate the public-private key pair on any computer running Atakama.
- Keep the APK on an “offline device” that is not connected to the Internet or any network.
- Never transfer the APK to any computer running Atakama.
- Only transfer the public key to the computer(s) running Atakama.
When used, an APK effectively bypasses Atakama’s multi-device threshold protection and increases the risk of an intrusion. If you do not have business or technical policies that require the use of an APK, we recommend establishing forms of redundancy within Atakama’s multi-device approach such as adding additional devices or generating additional offline recovery wordsets.
Any change to an APK in Atakama, whether adding it for the first time, changing it, or removing it, applies only to files created after the change.
- If you create or protect files prior to adding the APK, they will not be recoverable in a disaster scenario using the APK.
- To use an APK with files that are already protected by Atakama, those files must first be decrypted (removed from Atakama), then protected (i.e., encrypted) again.
- If you are removing or changing the APK, the files that were created using the APK will be unchanged.
Please open a support ticket if you require assistance with removing an APK from a file.