cirrux

How Cirrux Backup
handles encryption

Security is not an afterthought at Cirrux—it's fundamental to everything we build. When you trust us with your emails, we take that responsibility seriously. Here's exactly how we protect your data.

The core principle: your keys, your data

Cirrux uses end-to-end encryption where your private key never leaves your machine. This means that even if someone gained access to our servers, they would only find encrypted data that's useless without your key.

The technical details

We use a hybrid encryption approach that combines the best of both symmetric and asymmetric cryptography:

Key generation

The Cirrux Downloader App generates a 2048-bit RSA key pair on your machine. The public key is sent to Cirrux and stored in our database. The private key is saved locally in ~/Cirrux/keys/ with restricted file permissions—it never leaves your device.

Email encryption

Each email is compressed and then encrypted using AES-256-GCM—a symmetric encryption algorithm that provides both confidentiality and integrity. We generate a unique 256-bit key and 12-byte nonce for each email. GCM mode includes an authentication tag that ensures your data can't be tampered with.

Key wrapping

The symmetric key used to encrypt each email is then encrypted with your RSA public key. This is called "key wrapping". The wrapped key is stored alongside the encrypted email on our storage servers. Only your private key can unwrap it.

The encryption flow

Here's what happens when Cirrux backs up an email:

  1. Cirrux downloads your email from Gmail
  2. The email content is compressed using zlib
  3. A unique 256-bit symmetric key and 12-byte nonce are generated
  4. The compressed content is encrypted using AES-256-GCM
  5. The symmetric key is encrypted (wrapped) using your RSA public key
  6. The encrypted email, wrapped key, nonce, and authentication tag are stored on our object storage in Europe (Frankfurt, Germany)
  7. The original email and unencrypted symmetric key are immediately discarded from memory

The decryption flow

When you download your emails using the Cirrux Downloader App:

  1. The app requests a list of your encrypted emails from Cirrux
  2. For each email, it downloads the encrypted content, wrapped symmetric key, nonce, and authentication tag
  3. Using your locally stored RSA private key, it unwraps the symmetric key
  4. The authentication tag is verified to ensure the data hasn't been tampered with
  5. The symmetric key and nonce are used to decrypt the email content
  6. The content is decompressed
  7. The decrypted email is saved as a standard .eml file on your machine

Why this approach?

We chose this hybrid approach for several reasons:

  • Performance: AES-256-GCM is fast and efficient for encrypting large amounts of data. Using RSA directly on email content would be significantly slower and has size limitations.
  • Security: Each email has its own unique symmetric key and nonce. Even if one key were somehow compromised, only that single email would be affected.
  • Zero-knowledge: Since we only store your public key, we can encrypt data for you but never decrypt it. Your private key never touches our servers.
  • Integrity: The GCM authentication tag ensures that any tampering with the encrypted data would be detected during decryption.
  • Industry standard: This hybrid encryption pattern is the same approach used by secure messaging apps, password managers, and enterprise security systems worldwide.

Additional security measures

Beyond the email encryption itself:

  • The OAuth tokens that Cirrux uses to access your Gmail are also stored encrypted in our database. Even with database access, an attacker couldn't use these tokens.
  • All data is stored on servers located in Europe (Frankfurt, Germany), subject to European privacy regulations.
  • Your downloaded emails are saved as standard .eml files—an open format that works with any email client. You're never locked in.
  • The private key file on your machine is saved with restricted permissions, so only your user account can read it.

Questions?

Security is an ongoing conversation. If you have questions about our encryption approach or want to discuss the technical details further, reach out at help@cirrux.co.

Try Cirrux Backup
HelpPrivacyTerms