Sandbox: Kiteworks Community

    How is the data encrypted in the totemomail database?

    Monday, March 17, 2025 By: Jonathan FeigelIn: Articles Print

    The following values are stored in encrypted form in the database

    • Properties which contain passwords (dataType="4" in TM_properties.xml)

    • Four-Eyes Password parts

    • Passwords for directory configurations

    • Passwords for IE private keys (when password is not sent to the user.)

    • Private keys (User, Own Root, Own Domain, Own Server, Authentication)

    • totemomail® Registered Envelope message keys

    • Passwords for totemomail® offline PushedPDF Recipients

    • Message keys for totemomail® online PushedPDF Recipients

    • WebMail messages and attachments
       

    User Passwords

    User passwords are stored as salted one-way hash (available hash algorithms: SHA-512, SHA-384, SHA-256, SHA-1 and MD5)
     

    Database Encryption Algorithm

    The following encryption algorithms are used:

    Without HSM (Hardware Security Module):

    • Triple DES (DES EDE), 168 bit key

    • totemomail 7: AES 256bit, AES 192bit and AES 128bit keys can be created for the database encryption

    With HSM

    • Triple DES (DES EDE), 168 bit key or

    • AES, 256 bit key

    Next Article »

    Comments

    No records to display

    About the Author
    Jonathan Feigel
    Senior Manager, Technical Service
    Looking for Something?
    Totemo Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2023 by Kiteworks - All rights reserved.