Encrypted Forms and distributed decryption keys

  • Profile Image
    Barry Ribbeck 
    Asked on July 18, 2016 at 02:59 PM

    I am trying to understand your encrypted forms method.  You state that this is a browser based encryption which I will interpret as the client encrypts with a key only known to their browser any of the form data that is sent back to your service.  If the form is part of a work flow where you have no way to decrypt the form data which is sent to a person who is notified via workflow that a form has been submitted.  How is the decryption key distributed and made available to anyone who needs to view (decrypt) the data stored in your form?  You can't have access to the keys for decryption or it technically would not be zero knowledge correct? 

     

    Regards

    Barry

  • Profile Image
    Kiran
    Answered on July 18, 2016 at 03:42 PM

    Unfortunately, the encrypted forms cannot be used with workflow since this process is required to distribute the private key. If a private key is being shared using any method viz email, link, etc, there is no privacy with the form submission received. So, we do not recommend to use Form encryption when it is required to re-submit/edit the form submission by somebody else.

    Please refer to the guide below that can help you with more information on encrypted forms.

    https://www.jotform.com/help/344-Encrypted-Forms-and-How-to-Use-Them

    Hope this information helps!