Can you further explain the encryption process and encryption keys being used?


To break this down:

Q. Could you please explain the encryption process?
A. During content creation, the PGP public key (2048-bit RSA) stored in Confluence is sent to the content creator's browser. The browser uses that public key to encrypt the content (the secret), and only the resulting ciphertext is stored in the body of the Confluence macro.
Note: In browsers that do not support client-side encryption, the content (secret) is sent back to Confluence in plaintext and encrypted on the server, so in that fallback the server handles the unencrypted secret.

Q. Where are the PGP encryption keys kept?
A. The PGP key pair is stored in the AO_DCA036_GLOBAL_KEY_PAIR table in the Confluence database. It is stored ASCII-armored, with the private key protected by a passphrase.

Q. Is there a way for server, database or Confluence admins to decrypt the data?
A. When a page is viewed, Confluence decrypts the stored secret with its private key, re-encrypts it with the 128-bit key received from the viewer's browser, and sends the result back to the browser. The browser then decrypts the content with that same 128-bit key. The ciphertext in the database is therefore not readable on its own: recovering it requires the private key and its passphrase, and the intended path is viewing the Confluence page with the right credentials. Note that the server itself handles the plaintext during the re-encryption step, and that Confluence admins can still recover access to secrets.