Security Model

A detailed look at JumpTerm's encryption, key management, and zero-knowledge architecture.

Encryption Overview

JumpTerm uses a layered encryption model. Your vault passphrase is fed into Argon2id with memory-hard parameters (64 MB, 3 iterations, parallelism 4) to derive a key-encryption key (KEK). This KEK wraps a randomly generated vault master key (VMK). Each vault item is encrypted individually with the VMK using XChaCha20-Poly1305 with a unique random nonce.

This design means that changing your passphrase only requires re-wrapping the VMK, not re-encrypting every item. It also means the VMK can be securely shared with new devices through X25519 key exchange without exposing your passphrase.

Zero-Knowledge Server

Our sync server stores only encrypted blobs. It has no access to your passphrase, KEK, VMK, or any plaintext vault data. The server authenticates you with a separate credential (email + password or SSO token) that is completely independent of your vault encryption.

Even in the event of a complete server compromise, an attacker would obtain only ciphertext encrypted with XChaCha20-Poly1305. Without the VMK (which exists only on your authorized devices), this data is computationally infeasible to decrypt.

Key Rotation

The VMK can be rotated from Settings > Security > Rotate Encryption Key. This generates a new VMK, re-encrypts all vault items, and distributes the new key to all authorized devices. Key rotation is recommended after revoking a device to ensure the old device's copy of the VMK is no longer valid for new data.

Threat Model

JumpTerm is designed to protect against: server compromise, network eavesdropping, unauthorized device access, and insider threats. It does not protect against compromised endpoints (malware on your device with root access), rubber-hose cryptanalysis, or a lost passphrase with no remaining authorized devices.