If your Proton password is your encryption key, why couldn't Proton theoretically use it to decrypt your data?
If your Proton password is your encryption key, why couldn't Proton theoretically use it to decrypt your data?
AFAIK when you log in to Proton, you send them your password, they do the standard hashing and checking against the hash stored in their database, and if it matches them they let you log in by sending you a token of some sort.
If the your password is your encryption key, and if at some point Proton needs your plaintext password in order for you to log in, then doesn't that mean they still have a way to access your data? They could take the plaintext password and decrypt everything in your account without you knowing, right?
Your Proton password is not the encryption key for your data, not directly. Basically, your password is used to encrypt the actual encryption key inside your browser, and that encrypted encryption key is stored on Proton servers alongside your data. Proton can't access your data because they don't know your password which was used to encrypt the encryption key.
When you want to access your data, Proton servers sends the encrypted encryption key to your browser, and your browser decrypts it using the password you entered. Proton servers then send you your encrypted data, and your browser decrypts it using the decrypted encryption key and shows it to you. There's no point where Proton has enough information to decrypt your data. Your actual plaintext password never leaves your browser.
This is a simplified high-level overview of how it works, of course there's a lot more details to the actual implementation.
Awesome, very well explained! Thank you.
"To solve this problem, we have re-engineered our entire login process to never send the login password to our server, which has the added benefit of helping protect against MITM (man-in-the-middle) attacks."