How does the server-side encryption mechanism work?
After initial login of the user, a public and private key pair are generated and stored in the /files_encryption/ folder in the data folder.
The private key is encrypted with a PBKDF2 derivate of the login password using the SHA256 cipher and going through 100000 iterations.
When a file is created, a new file key is created at the same time, which is a symmetric key which can be used to decrypt a file. This symmetric key is stored in the data folder as well and can only be decrypted with the user's private key.
The users private key is never stored in cleartext on the disk and only stored in the PHP session which in turn is encrypted with a special cookie sent by every request by the user. Thus an administrator cannot access it.
Please note that a system administrator could still access data by:
- Modifying the Nextcloud code to intercept the login password or the key
- Dump the memory content of the server which contains sensitive content
- Intercept traffic sent by Nextcloud to intercept