Keep your documents always-encrypted and completely private in the cloud

Store, edit and collaborate on end-to-end encrypted documents. Safer, stronger and securer. Based on Blockchain technology.

It's all about data security

Data is becoming the world’s most valuable resource. At ONLYOFFICE, we realize that data security is a burning issue for most companies, especially when it comes to documents. To affirm ONLYOFFICE transparency and reliability, we opened its source code. Now we decide to move forward and provide users with stronger and securer way to work with documents online based on the blockchain-backed technology.

Why existing solutions are not 100% secure

Vulnerability of data centers

Document data stored in cloud storage services can be accessed or monitored by staff of service providers. Besides, restricted or classified information is frequently accessed or stolen by 3rd party.

Weak passwords

People often use simple passwords in order not to forget them, but the simpler the password is, the faster it will take to crack it with a brute-force.

Limited protection

Most security measures provided by leading cloud offices focus on storage protection only, which is often subjective and insufficient.

Poor encryption

Most services/sites store user passwords in plain text or using a very basic encryption, so if the site gets hacked, the passwords are easily accessible to anyone, no matter how complex the password is.

The ONLYOFFICE unique capabilities

Based on cryptography and blockchain technology

Reliable document encryption

ONLYOFFICE uses the AES-256 encryption algorithm to provide stronger security for working with documents online.

Support for all key formats

ONLYOFFICE works and encrypts Office documents of all key formats: DOCX, XLSX, PPTX, ODT, ODS, ODX, PDF.

Flexible access rights management

ONLYOFFICE offers different levels of access rights. You can grant access to review documents, or leave comments only, or fill out added fields, etc.

Encrypted real-time co-editing

ONLYOFFICE encrypts the data transfer while collaborating on documents online that prevents outsiders from being able to read or understand the changes you or your co-authors make.

Ethereum private network

ONLYOFFICE uses a blockchain technology with asymmetric encryption for reliable password storing and transferring.

How it works: technical background

Enabling encryption

ONLYOFFICE uses AES-256 to encrypt your files and data transfer while collaborating and a private blockchain network to store and transfer passwords privately.

Currently the end-to-end encryption is available through ONLYOFFICE desktop applications - ONLYOFFICE Desktop Editors v.5.2.7 or later available for Windows, Linux, and Mac OS.

  • To start, create a blockchain account in the ONLYOFFICE private network based on Parity with support for a Proof-of-Authority consensus engine. Please, note: this network is created for testing purposes.
  • Our network implements BIP39 to generate the mnemonic phrase that is automatically saved to the DOCX file on your local machine protected with the password you enter. This combination of 12 words is the only way to unlock your blockchain account.
  • To unlock your account next time on the same machine, just enter the password used to create it. To work privately from another device or in case you lose access to your account, you can easily recover it using the mnemonic phrase.

One public and private key pair will be generated and available within your account information. ONLYOFFICE implements BIP39 to generate it.

Encrypting documents

Each document is encrypted with its one, unique AES 256-bit key, updated every time you save the document. Each key is, in turn, protected with asymmetric encryption (using your public key) and together with a unique UUID as a file name and the author blockchain account address are stored in the blockchain network.

Encrypting documents

Once encrypted, you can store your documents on your favorite cloud storage and be sure that no one has access to your document content. To resume working on your document with ONLYOFFICE, no password should need to be inserted. With the end-to-end encryption enabled, the document will be decrypted automatically using your private key.

Sharing and co-editing encrypted documents

To collaborate on documents privately, ONLYOFFICE Cloud Service or server solutions (Enterprise or Community Editions) are required. The end-to-end encryption is supported since version 5.2.3 of Document Server and 9.6.4 of Community Server.

When you connect your desktop application with encryption enabled to the cloud, your public key is saved to the database used for ONLYOFFICE data storage. This key will be used if one decide to share a document with you.

Encrypting documents

To start co-editing encrypted documents, all co-authors must be connected to the cloud trough their desktop applications with the end-to-end encryption enabled. No passwords should need to be exchanged for sharing and collaboration. The document password encrypted using your public key will be automatically decrypted with the help of your private key.

Encrypting documents

If one of the co-authors disables the end-to-end encryption, he will not be able to receive the changes as all the inputs are encrypted using AES-256 algorithm.

Get started

Before you start,

Step 1
Deploy ONLYOFFICE Enterprise Edition on your own server or create an ONLYOFFICE account in the cloud.
Step 2
Install the latest version of ONLYOFFICE Desktop Editors
Step 3
Connect the desktop application to the cloud and start working on documents.

Enabling end-to-end encryption

Step 1
Launch ONLYOFFICE Desktop Editors and switch End-to-end encryption on from the Settings.
Step 2
Create a blockchain account in the ONLYOFFICE network using mnemonic phrase.
Step 3
Start creating and editing your local documents.

Collaborating on encrypted documents

Step 1
Enable the end-to-end encryption.
Step 2
Connect your desktop application to the ONLYOFFICE cloud.
Step 3
Share your document and start co-editing it privately together with your team.