Hardware-Backed Keys: How Krypt Protects Your Encryption

When it comes to encrypting your most sensitive data, the strength of the encryption algorithm is only half the battle. The other half is how your encryption keys are protected. Krypt leverages the ultimate security boundary: your device's own internal hardware.

The Argon2id Advantage

The foundation of Krypt's security begins with Argon2id, the winner of the Password Hashing Competition. When you create your master password, Krypt uses Argon2id to derive a strong cryptographic key. This process is intentionally slow and memory-hard, making it extremely resistant to brute-force attacks and highly secure against specialized cracking hardware like GPUs and ASICs.

hardware-Backed Security: Secure Enclave & Keystore

But Krypt doesn't stop there. Once your key is derived, it needs to be stored safely so you don't have to type your incredibly complex master password every single time you open the app. This is where hardware security comes in.

Krypt utilizes the Secure Enclave on Apple devices and the Android Keystore system on Android devices. These are dedicated, isolated hardware subsystems built directly into your phone’s processor. By storing your encryption keys within this specialized hardware, they are physically protected from malicious apps, malware, and even operating system compromises. The keys literally never leave the secure hardware boundary.

Uncompromising Local Security

By combining the rigorous key derivation of Argon2id with the impenetrable fortress of your device's Secure Enclave or Keystore, Krypt ensures that your vault remains locked tight. This hardware-backed approach guarantees that your Master Password remains the sole gateway to your data.

---