What kind of encryption does EMOZ use for customer data?

There are two layers:

  1. Public data stored on-chain:
  • File hash (SHA-256)
  • Timestamp (issue date)
  • Algorithm used (e.g. SHA-256)
  1. Encrypted metadata:
  • Includes full name, a legal declaration, email (hashed), and source (“emoz.io”)
  • Email is hashed first with SHA-256, then encrypted using XSalsa20-Poly1305 with a unique 32-byte key per certificate
  • Metadata is only decryptable with a secret seed stored in the user’s PDF certificate

This layered design is built to preserve privacy, even as computing power continues to advance.

← All questions

Still need help? Write to us at support at emoz dot io and we will get back to you as soon as we can.