Skip to main content

Send Encryption

All Sends are automatically end-to-end encrypted, which means that WALLIX Enterprise Vault encrypts the data in the Send Link and the client-browser uses the encryption key to decrypt the data once received.

Here is how it works:

  • When a Send is created a 128-bit secret key is generated for that Send.
  • A 512-bit encryption key is derived from the 128-bit secret key.
  • The Send is AES-256 encrypted using the derived 512-bit encryption. Data (plain text or file) and the Metadata (Name, Filenme, Notes, etc.) are included in the encryption.
  • The Encrypted Send is uploaded to WALLIX Servers. The Unique ID used to identify the Send for decryption is included in upload. The Encryption Key is not included in the upload.

If the Send is Password-Protected, the Password is not included in Send Encryption or Decryption. A Send is decrypted only after the Password is entered successfully.