Version: 7.0

Glossary of terms

Definitions of key terms used in the Passwork cryptography documentation.


Core entities

Vault

A vault is a container for storing records. Each vault has its own symmetric encryption key (vault key) that protects all records inside it. Vaults can be corporate (shared) or personal.

Record

A record is a unit of secret information storage. Each record contains a set of fields: name, login, password, URL, description, tags, custom fields, and attachments. A record is encrypted with its own record key.

Important

The term "password" in Passwork context can mean either the record itself or a specific field within the record. In this documentation, we use "record" to refer to the entity and "password field" to refer to the specific field.

Record field

A field is an individual data element within a record. Fields are divided into:

  • Standard fields: name, login, password, URL, description, tags
  • Custom fields: arbitrary name-value pairs added by the user
  • TOTP secret: secret for generating one-time passwords (two-factor authentication)

Attachment

An attachment is a file attached to a record. Each attachment is encrypted with its own attachment key (AES-256-CBC), which in turn is protected by the record key.

Folder

A folder is a way to organize records within a vault. Folders do not have their own encryption keys; records in folders are encrypted with the vault key.


User and authentication

Master password

The master password is the user's secret password known only to them. It is used to derive the master key via the PBKDF2 algorithm. The master password is never transmitted to the server and is never stored in plaintext.

User master key

The user master key is a 512-bit cryptographic key derived from the master password using the PBKDF2 function (300,000 iterations, SHA-256). It is used for:

  • Encrypting the user's private RSA key (AES-256-CBC)
  • Verifying master password correctness (via SHA-256 hash)

Master key hash

The master key hash is a SHA-256 hash of the user's master key. It is sent to the server to verify the correctness of the entered master password. The server compares the received hash with the stored value.

Salt

Salt is a random 20-character string unique to each user. It is used in the PBKDF2 algorithm together with the master password to derive the master key. The salt is stored on the server and transmitted to the client during authentication.

User RSA keys

A pair of 2048-bit asymmetric RSA keys generated using the WebCrypto API:

  • Public key — stored on the server in plaintext. Used for encrypting vault keys when granting access.
  • Private key — stored on the server in encrypted form (encrypted with the master key, AES-256-CBC). Used for decrypting vault keys.

Encryption keys

Vault key

The vault key is a random 256-bit symmetric key generated when a vault is created. It is used to encrypt record keys inside the vault (AES-256-CBC). For each user with access to the vault, a copy of the vault key encrypted with their public RSA key (RSA-OAEP) is created.

Record key

The record key is a random 256-bit symmetric key generated individually for each record. It is used to encrypt record contents (password field, custom fields, TOTP) and attachment keys (AES-256-CBC). The record key is encrypted with the vault key. A unique initialization vector (IV) is automatically generated for each encryption operation.

Attachment key

The attachment key is a random 256-bit symmetric key generated for each file. It is used to encrypt the binary file contents (AES-256-CBC). The attachment key is encrypted with the record key.

Server encryption key

The server encryption key (server key) is a 256-bit symmetric key stored in a file on the server. It is used for additional data encryption before saving to the database (AES-256-CFB via OpenSSL).


Tokens and sessions

Access Token

The Access Token is a 256-bit token (44 Base64 characters) used for authenticating API requests. Default lifetime: ~2.8 hours (10,000 seconds).

Refresh Token

The Refresh Token is a 256-bit token used to obtain a new Access Token without re-entering credentials. Default lifetime: 36 hours (129,600 seconds).

Local Storage Secret Code

The Local Storage Secret Code is a random token (~596 bits of entropy) generated by the server when a user is created. It is used to encrypt the master key when saving to the browser's localStorage ("Remember master password" feature). Encryption is performed via AES-256-CBC.


Encryption modes

Client-Side Encryption (CSE)

Client-side encryption is an operating mode where data is encrypted in the user's browser before being sent to the server. It implements the Zero-Knowledge principle: the server has no access to decrypted data. Uses AES-256-CBC.

Server-Side Encryption

Server-side encryption is an additional layer of protection where data is encrypted on the server before being written to the database. It is always active, regardless of client-side encryption settings. Uses AES-256-CFB via OpenSSL.

Zero-Knowledge

Zero-Knowledge is a principle where the server does not have enough information to decrypt user data. All cryptographic operations are performed on the client side.

End-to-End Encryption (E2E)

End-to-End Encryption is encryption where data is encrypted on the sender's device and decrypted only on the recipient's device. In Passwork, it is implemented through key exchange using RSA-OAEP.


Data sharing

Internal sharing

Internal sharing is granting access to a vault or record to another Passwork user. The key is encrypted with the recipient's public RSA key (RSA-OAEP via WebCrypto).

External link

An external link is a way to share a record with someone without a Passwork account. A copy of the record is created, encrypted with a special link key (AES-256-CBC). The link token is embedded in the URL.

Link token

The link token is a random 43-character string (~256 bits) used to identify the external link and access encrypted data.


Cryptographic algorithms

PBKDF2

PBKDF2 (Password-Based Key Derivation Function 2) is an algorithm for deriving a cryptographic key from a password. It uses a salt and a large number of iterations to protect against brute-force attacks.

Parameters in Passwork:

  • Client: 300,000 iterations, SHA-256, 512 bits
  • Server: 600,000 iterations, SHA-512, 512 bits

AES-256-CFB

AES-256-CFB is a 256-bit symmetric block cipher in CFB (Cipher Feedback) mode. Used for server-side data encryption via OpenSSL.

AES-256-CBC

AES-256-CBC is a 256-bit symmetric block cipher in CBC (Cipher Block Chaining) mode. Used for client-side encryption.

RSA-OAEP

RSA-OAEP is an asymmetric encryption algorithm with Optimal Asymmetric Encryption Padding. Passwork uses 2048-bit keys with SHA-256 hash function. Implemented via the WebCrypto API.

CryptoJS AES

CryptoJS AES is a library for AES encryption on the client. Uses CBC mode with PKCS#7 padding and a built-in key derivation function. Output is encoded in Base32.


Abbreviations

Abbreviation | Meaning                                  | Description
CSE          | Client-Side Encryption                   | Encryption on the client
E2E          | End-to-End Encryption                    | End-to-end encryption
PBKDF2       | Password-Based Key Derivation Function 2 | Password-based key derivation function
AES          | Advanced Encryption Standard             | Symmetric encryption algorithm
RSA          | Rivest–Shamir–Adleman                    | Asymmetric encryption algorithm
OAEP         | Optimal Asymmetric Encryption Padding    | Padding scheme for RSA
CFB          | Cipher Feedback                          | Cipher feedback mode
CBC          | Cipher Block Chaining                    | Cipher block chaining mode
IV           | Initialization Vector                    | Initialization vector
TOTP         | Time-based One-Time Password             | Time-based one-time password
TTL          | Time To Live                             | Token lifetime