enveloppekryptering

Enveloppekryptering, also known as envelope encryption or content encryption key (CEK) encryption, is a method for encrypting data where a separate, randomly generated key is used to encrypt the actual data. This data encryption key (DEK) is then itself encrypted using a master key, often referred to as a key encryption key (KEK). The encrypted DEK is typically stored alongside the encrypted data.

This approach offers several advantages. Firstly, it allows for efficient encryption of large amounts of data.

Secondly, it simplifies key management. The master key, which is used to encrypt all the DEKs, can

When decryption is required, the process is reversed. The encrypted DEK is first decrypted using the master