Salausstandardit

How Your Data Is Protected

1. 1

   Encrypted connection

   Every request travels over TLS 1.3 with Perfect Forward Secrecy. No plaintext ever crosses the wire.

2. 2

   In-memory processing only

   Presidio AI analyzes and anonymizes text entirely in RAM. Your original content is never written to disk or stored in a database.

3. 3

   Keys derived with Argon2id

   User encryption keys are derived from your password using Argon2id — the winner of the Password Hashing Competition — before being wrapped with AES-256-GCM.

4. 4

   Zero-Knowledge key storage

   Your wrapped key is stored encrypted. The server never sees your plaintext key or password. Only you can unwrap it.

5. 5

   Asymmetric option with RSA-4096

   For multi-party workflows, RSA-4096-OAEP encapsulates a session key so only the private key holder can deanonymize output.