diff --git a/backend/src/main/java/org/cryptomator/hub/api/DeviceResource.java b/backend/src/main/java/org/cryptomator/hub/api/DeviceResource.java
index 571157d50..6c994e5da 100644
--- a/backend/src/main/java/org/cryptomator/hub/api/DeviceResource.java
+++ b/backend/src/main/java/org/cryptomator/hub/api/DeviceResource.java
@@ -24,7 +24,6 @@
 import org.cryptomator.hub.entities.LegacyAccessToken;
 import org.cryptomator.hub.entities.LegacyDevice;
 import org.cryptomator.hub.entities.User;
-import org.cryptomator.hub.entities.events.DeviceRemovedEvent;
 import org.cryptomator.hub.entities.events.EventLogger;
 import org.cryptomator.hub.validation.NoHtmlOrScriptChars;
 import org.cryptomator.hub.validation.OnlyBase64Chars;
@@ -102,7 +101,7 @@ public Response createOrUpdate(@Valid @NotNull DeviceDto dto, @PathParam("device
 		}
 		device.setName(dto.name);
 		device.setPublickey(dto.publicKey);
-		device.setUserPrivateKey(dto.userPrivateKey);
+		device.setUserPrivateKeys(dto.userPrivateKeys);
 
 		try {
 			deviceRepo.persistAndFlush(device);
@@ -173,12 +172,12 @@ public record DeviceDto(@JsonProperty("id") @ValidId String id,
 							@JsonProperty("name") @NoHtmlOrScriptChars @NotBlank String name,
 							@JsonProperty("type") Device.Type type,
 							@JsonProperty("publicKey") @NotNull @OnlyBase64Chars String publicKey,
-							@JsonProperty("userPrivateKey") @NotNull @ValidJWE String userPrivateKey,
+							@JsonProperty("userPrivateKey") @NotNull @ValidJWE String userPrivateKeys, // singular name for history reasons (don't break client compatibility)
 							@JsonProperty("owner") @ValidId String ownerId,
 							@JsonProperty("creationTime") Instant creationTime) {
 
 		public static DeviceDto fromEntity(Device entity) {
-			return new DeviceDto(entity.getId(), entity.getName(), entity.getType(), entity.getPublickey(), entity.getUserPrivateKey(), entity.getOwner().getId(), entity.getCreationTime().truncatedTo(ChronoUnit.MILLIS));
+			return new DeviceDto(entity.getId(), entity.getName(), entity.getType(), entity.getPublickey(), entity.getUserPrivateKeys(), entity.getOwner().getId(), entity.getCreationTime().truncatedTo(ChronoUnit.MILLIS));
 		}
 
 	}
diff --git a/backend/src/main/java/org/cryptomator/hub/api/UserDto.java b/backend/src/main/java/org/cryptomator/hub/api/UserDto.java
index 1ed02ec7d..14542f009 100644
--- a/backend/src/main/java/org/cryptomator/hub/api/UserDto.java
+++ b/backend/src/main/java/org/cryptomator/hub/api/UserDto.java
@@ -14,24 +14,34 @@ public final class UserDto extends AuthorityDto {
 	public final String email;
 	@JsonProperty("devices")
 	public final Set<DeviceResource.DeviceDto> devices;
-	@JsonProperty("publicKey")
-	public final String publicKey;
-	@JsonProperty("privateKey")
-	public final String privateKey;
+	@JsonProperty("ecdhPublicKey")
+	public final String ecdhPublicKey;
+	@JsonProperty("ecdsaPublicKey")
+	public final String ecdsaPublicKey;
+	@JsonProperty("privateKey") // singular name for history reasons (don't break client compatibility)
+	public final String privateKeys;
 	@JsonProperty("setupCode")
 	public final String setupCode;
 
+	@Deprecated
+	@JsonProperty("publicKey")
+	public final String legacyEcdhPublicKey;
+
 	UserDto(@JsonProperty("id") String id, @JsonProperty("name") String name, @JsonProperty("pictureUrl") String pictureUrl, @JsonProperty("email") String email, @JsonProperty("devices") Set<DeviceResource.DeviceDto> devices,
-			@Nullable @JsonProperty("publicKey") @OnlyBase64Chars String publicKey, @Nullable @JsonProperty("privateKey") @ValidJWE String privateKey, @Nullable @JsonProperty("setupCode") @ValidJWE String setupCode) {
+			@Nullable @JsonProperty("ecdhPublicKey") @OnlyBase64Chars String ecdhPublicKey, @Nullable @JsonProperty("ecdsaPublicKey") @OnlyBase64Chars String ecdsaPublicKey, @Nullable @JsonProperty("privateKeys") @ValidJWE String privateKeys, @Nullable @JsonProperty("setupCode") @ValidJWE String setupCode) {
 		super(id, Type.USER, name, pictureUrl);
 		this.email = email;
 		this.devices = devices;
-		this.publicKey = publicKey;
-		this.privateKey = privateKey;
+		this.ecdhPublicKey = ecdhPublicKey;
+		this.ecdsaPublicKey = ecdsaPublicKey;
+		this.privateKeys = privateKeys;
 		this.setupCode = setupCode;
+
+		// duplicate fields to maintain backwards compatibility:
+		this.legacyEcdhPublicKey = ecdhPublicKey;
 	}
 
 	public static UserDto justPublicInfo(User user) {
-		return new UserDto(user.getId(), user.getName(), user.getPictureUrl(), user.getEmail(), Set.of(), user.getPublicKey(), null, null);
+		return new UserDto(user.getId(), user.getName(), user.getPictureUrl(), user.getEmail(), Set.of(), user.getEcdhPublicKey(), user.getEcdsaPublicKey(),null, null);
 	}
 }
diff --git a/backend/src/main/java/org/cryptomator/hub/api/UsersResource.java b/backend/src/main/java/org/cryptomator/hub/api/UsersResource.java
index f754a1320..0b2000578 100644
--- a/backend/src/main/java/org/cryptomator/hub/api/UsersResource.java
+++ b/backend/src/main/java/org/cryptomator/hub/api/UsersResource.java
@@ -20,7 +20,6 @@
 import org.cryptomator.hub.entities.User;
 import org.cryptomator.hub.entities.Vault;
 import org.cryptomator.hub.entities.events.EventLogger;
-import org.cryptomator.hub.entities.events.VaultAccessGrantedEvent;
 import org.eclipse.microprofile.jwt.JsonWebToken;
 import org.eclipse.microprofile.openapi.annotations.Operation;
 import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
@@ -71,14 +70,37 @@ public Response putMe(@Nullable @Valid UserDto dto) {
 		user.setPictureUrl(jwt.getClaim("picture"));
 		user.setEmail(jwt.getClaim("email"));
 		if (dto != null) {
-			user.setPublicKey(dto.publicKey);
-			user.setPrivateKey(dto.privateKey);
+			user.setEcdhPublicKey(dto.ecdhPublicKey);
+			user.setEcdsaPublicKey(dto.ecdsaPublicKey);
+			user.setPrivateKeys(dto.privateKeys);
 			user.setSetupCode(dto.setupCode);
+			updateDevices(user, dto);
 		}
 		userRepo.persist(user);
 		return Response.created(URI.create(".")).build();
 	}
 
+	/**
+	 * Updates those devices that are present in both the entity and the DTO. No devices are added or removed.
+	 *
+	 * @param userEntity The persistent entity
+	 * @param userDto    The DTO
+	 */
+	private void updateDevices(User userEntity, UserDto userDto) {
+		var devices = userEntity.devices.stream().collect(Collectors.toUnmodifiableMap(Device::getId, Function.identity()));
+		var updatedDevices = userDto.devices.stream()
+				.filter(d -> devices.containsKey(d.id())) // only look at DTOs for which we find a matching existing entity
+				.map(dto -> {
+					var device = devices.get(dto.id());
+					device.setType(dto.type());
+					device.setName(dto.name());
+					device.setPublickey(dto.publicKey());
+					device.setUserPrivateKeys(dto.userPrivateKeys());
+					return device;
+				});
+		deviceRepo.persist(updatedDevices);
+	}
+
 	@POST
 	@Path("/me/access-tokens")
 	@RolesAllowed("user")
@@ -117,9 +139,9 @@ public Response updateMyAccessTokens(@NotNull Map<UUID, String> tokens) {
 	@APIResponse(responseCode = "404", description = "no user matching the subject of the JWT passed as Bearer Token")
 	public UserDto getMe(@QueryParam("withDevices") boolean withDevices) {
 		User user = userRepo.findById(jwt.getSubject());
-		Function<Device, DeviceResource.DeviceDto> mapDevices = d -> new DeviceResource.DeviceDto(d.getId(), d.getName(), d.getType(), d.getPublickey(), d.getUserPrivateKey(), d.getOwner().getId(), d.getCreationTime().truncatedTo(ChronoUnit.MILLIS));
+		Function<Device, DeviceResource.DeviceDto> mapDevices = d -> new DeviceResource.DeviceDto(d.getId(), d.getName(), d.getType(), d.getPublickey(), d.getUserPrivateKeys(), d.getOwner().getId(), d.getCreationTime().truncatedTo(ChronoUnit.MILLIS));
 		var devices = withDevices ? user.devices.stream().map(mapDevices).collect(Collectors.toSet()) : Set.<DeviceResource.DeviceDto>of();
-		return new UserDto(user.getId(), user.getName(), user.getPictureUrl(), user.getEmail(), devices, user.getPublicKey(), user.getPrivateKey(), user.getSetupCode());
+		return new UserDto(user.getId(), user.getName(), user.getPictureUrl(), user.getEmail(), devices, user.getEcdhPublicKey(), user.getEcdsaPublicKey(), user.getPrivateKeys(), user.getSetupCode());
 	}
 
 	@POST
@@ -131,8 +153,8 @@ public UserDto getMe(@QueryParam("withDevices") boolean withDevices) {
 	@APIResponse(responseCode = "204", description = "deleted keys, devices and access permissions")
 	public Response resetMe() {
 		User user = userRepo.findById(jwt.getSubject());
-		user.setPublicKey(null);
-		user.setPrivateKey(null);
+		user.setEcdhPublicKey(null);
+		user.setPrivateKeys(null);
 		user.setSetupCode(null);
 		userRepo.persist(user);
 		deviceRepo.deleteByOwner(user.getId());
diff --git a/backend/src/main/java/org/cryptomator/hub/api/VaultResource.java b/backend/src/main/java/org/cryptomator/hub/api/VaultResource.java
index 53955810f..c46646db7 100644
--- a/backend/src/main/java/org/cryptomator/hub/api/VaultResource.java
+++ b/backend/src/main/java/org/cryptomator/hub/api/VaultResource.java
@@ -313,7 +313,7 @@ public Response unlock(@PathParam("vaultId") UUID vaultId, @QueryParam("evenIfAr
 		}
 
 		var user = userRepo.findById(jwt.getSubject());
-		if (user.getPublicKey() == null) {
+		if (user.getEcdhPublicKey() == null) {
 			throw new ActionRequiredException("User account not initialized.");
 		}
 
diff --git a/backend/src/main/java/org/cryptomator/hub/entities/Device.java b/backend/src/main/java/org/cryptomator/hub/entities/Device.java
index 3d64a359e..04ba69e6d 100644
--- a/backend/src/main/java/org/cryptomator/hub/entities/Device.java
+++ b/backend/src/main/java/org/cryptomator/hub/entities/Device.java
@@ -56,8 +56,8 @@ public enum Type {
 	@Column(name = "publickey", nullable = false)
 	private String publickey;
 
-	@Column(name = "user_privatekey", nullable = false)
-	private String userPrivateKey;
+	@Column(name = "user_privatekeys", nullable = false)
+	private String userPrivateKeys;
 
 	@Column(name = "creation_time", nullable = false)
 	private Instant creationTime;
@@ -102,12 +102,12 @@ public void setPublickey(String publickey) {
 		this.publickey = publickey;
 	}
 
-	public String getUserPrivateKey() {
-		return userPrivateKey;
+	public String getUserPrivateKeys() {
+		return userPrivateKeys;
 	}
 
-	public void setUserPrivateKey(String userPrivateKey) {
-		this.userPrivateKey = userPrivateKey;
+	public void setUserPrivateKeys(String userPrivateKeys) {
+		this.userPrivateKeys = userPrivateKeys;
 	}
 
 	public Instant getCreationTime() {
@@ -126,7 +126,7 @@ public String toString() {
 				", name='" + name + '\'' +
 				", type='" + type + '\'' +
 				", publickey='" + publickey + '\'' +
-				", userPrivateKey='" + userPrivateKey + '\'' +
+				", userPrivateKey='" + userPrivateKeys + '\'' +
 				", creationTime='" + creationTime + '\'' +
 				'}';
 	}
@@ -141,13 +141,13 @@ public boolean equals(Object o) {
 				&& Objects.equals(this.name, other.name)
 				&& Objects.equals(this.type, other.type)
 				&& Objects.equals(this.publickey, other.publickey)
-				&& Objects.equals(this.userPrivateKey, other.userPrivateKey)
+				&& Objects.equals(this.userPrivateKeys, other.userPrivateKeys)
 				&& Objects.equals(this.creationTime, other.creationTime);
 	}
 
 	@Override
 	public int hashCode() {
-		return Objects.hash(id, owner, name, type, publickey, userPrivateKey, creationTime);
+		return Objects.hash(id, owner, name, type, publickey, userPrivateKeys, creationTime);
 	}
 
 	@ApplicationScoped
diff --git a/backend/src/main/java/org/cryptomator/hub/entities/User.java b/backend/src/main/java/org/cryptomator/hub/entities/User.java
index 8bca0b0ca..0727a9458 100644
--- a/backend/src/main/java/org/cryptomator/hub/entities/User.java
+++ b/backend/src/main/java/org/cryptomator/hub/entities/User.java
@@ -26,7 +26,7 @@
 				FROM User u
 					INNER JOIN EffectiveVaultAccess perm ON u.id = perm.id.authorityId
 					LEFT JOIN u.accessTokens token ON token.id.vaultId = :vaultId AND token.id.userId = u.id
-					WHERE perm.id.vaultId = :vaultId AND token.vault IS NULL AND u.publicKey IS NOT NULL
+					WHERE perm.id.vaultId = :vaultId AND token.vault IS NULL AND u.ecdhPublicKey IS NOT NULL
 				"""
 )
 @NamedQuery(name = "User.getEffectiveGroupUsers", query = """
@@ -49,11 +49,14 @@ public class User extends Authority {
 	@Column(name = "email")
 	private String email;
 
-	@Column(name = "publickey")
-	private String publicKey;
+	@Column(name = "ecdh_publickey")
+	private String ecdhPublicKey;
 
-	@Column(name = "privatekey")
-	private String privateKey;
+	@Column(name = "ecdsa_publickey")
+	private String ecdsaPublicKey;
+
+	@Column(name = "privatekeys")
+	private String privateKeys;
 
 	@Column(name = "setupcode")
 	private String setupCode;
@@ -74,20 +77,28 @@ public void setEmail(String email) {
 		this.email = email;
 	}
 
-	public String getPublicKey() {
-		return publicKey;
+	public String getEcdhPublicKey() {
+		return ecdhPublicKey;
+	}
+
+	public void setEcdhPublicKey(String ecdhPublicKey) {
+		this.ecdhPublicKey = ecdhPublicKey;
+	}
+
+	public String getEcdsaPublicKey() {
+		return ecdsaPublicKey;
 	}
 
-	public void setPublicKey(String publicKey) {
-		this.publicKey = publicKey;
+	public void setEcdsaPublicKey(String ecdsaPublicKey) {
+		this.ecdsaPublicKey = ecdsaPublicKey;
 	}
 
-	public String getPrivateKey() {
-		return privateKey;
+	public String getPrivateKeys() {
+		return privateKeys;
 	}
 
-	public void setPrivateKey(String privateKey) {
-		this.privateKey = privateKey;
+	public void setPrivateKeys(String privateKeys) {
+		this.privateKeys = privateKeys;
 	}
 
 	public String getSetupCode() {
@@ -128,14 +139,15 @@ public boolean equals(Object o) {
 		return super.equals(that) //
 				&& Objects.equals(pictureUrl, that.pictureUrl) //
 				&& Objects.equals(email, that.email) //
-				&& Objects.equals(publicKey, that.publicKey) //
-				&& Objects.equals(privateKey, that.privateKey) //
+				&& Objects.equals(ecdhPublicKey, that.ecdhPublicKey) //
+				&& Objects.equals(ecdsaPublicKey, that.ecdsaPublicKey) //
+				&& Objects.equals(privateKeys, that.privateKeys) //
 				&& Objects.equals(setupCode, that.setupCode);
 	}
 
 	@Override
 	public int hashCode() {
-		return Objects.hash(super.getId(), pictureUrl, email, publicKey, privateKey, setupCode);
+		return Objects.hash(super.getId(), pictureUrl, email, ecdhPublicKey, privateKeys, setupCode);
 	}
 
 	@ApplicationScoped
diff --git a/backend/src/main/resources/org/cryptomator/hub/flyway/ERM.png b/backend/src/main/resources/org/cryptomator/hub/flyway/ERM.png
index c19e352b3..19bce5b4b 100644
Binary files a/backend/src/main/resources/org/cryptomator/hub/flyway/ERM.png and b/backend/src/main/resources/org/cryptomator/hub/flyway/ERM.png differ
diff --git a/backend/src/main/resources/org/cryptomator/hub/flyway/V15__User_ECDSA.sql b/backend/src/main/resources/org/cryptomator/hub/flyway/V15__User_ECDSA.sql
new file mode 100644
index 000000000..c21b56590
--- /dev/null
+++ b/backend/src/main/resources/org/cryptomator/hub/flyway/V15__User_ECDSA.sql
@@ -0,0 +1,4 @@
+ALTER TABLE "user_details" RENAME COLUMN "publickey" TO "ecdh_publickey";
+ALTER TABLE "user_details" RENAME COLUMN "privatekey" TO "privatekeys";
+ALTER TABLE "user_details" ADD "ecdsa_publickey" VARCHAR;
+ALTER TABLE "device" RENAME COLUMN "user_privatekey" TO "user_privatekeys";
\ No newline at end of file
diff --git a/backend/src/test/java/org/cryptomator/hub/api/VaultResourceIT.java b/backend/src/test/java/org/cryptomator/hub/api/VaultResourceIT.java
index cd2899643..5d254fbaf 100644
--- a/backend/src/test/java/org/cryptomator/hub/api/VaultResourceIT.java
+++ b/backend/src/test/java/org/cryptomator/hub/api/VaultResourceIT.java
@@ -446,7 +446,7 @@ public void testGetUsersRequiringAccess1() throws SQLException {
 			try (var c = dataSource.getConnection(); var s = c.createStatement()) {
 				s.execute("""
 						UPDATE "user_details"
-						SET publickey='public2', privatekey='private2', setupcode='setup2'
+						SET ecdh_publickey='public2', ecdsa_publickey='ecdsa_public2', privatekeys='private2', setupcode='setup2'
 						WHERE id='user2';
 						""");
 			}
@@ -458,7 +458,7 @@ public void testGetUsersRequiringAccess1() throws SQLException {
 			try (var c = dataSource.getConnection(); var s = c.createStatement()) {
 				s.execute("""
 						UPDATE
-						"user_details" SET publickey=NULL, privatekey=NULL, setupcode=NULL
+						"user_details" SET ecdh_publickey=NULL, ecdsa_publickey=NULL, privatekeys=NULL, setupcode=NULL
 						WHERE id='user2';
 						""");
 			}
@@ -488,7 +488,7 @@ public void testGetUsersRequiringAccess2() throws SQLException {
 			try (var c = dataSource.getConnection(); var s = c.createStatement()) {
 				s.execute("""
 						UPDATE
-						"user_details" SET publickey='public2', privatekey='private2', setupcode='setup2'
+						"user_details" SET ecdh_publickey='ecdh_public2', ecdsa_publickey='ecdsa_public2', privatekeys='private2', setupcode='setup2'
 						WHERE id='user2';
 						""");
 			}
@@ -500,7 +500,7 @@ public void testGetUsersRequiringAccess2() throws SQLException {
 			try (var c = dataSource.getConnection(); var s = c.createStatement()) {
 				s.execute("""
 						UPDATE
-						"user_details" SET publickey=NULL, privatekey=NULL, setupcode=NULL
+						"user_details" SET ecdh_publickey=NULL, ecdsa_publickey=NULL, privatekeys=NULL, setupcode=NULL
 						WHERE id='user2';
 						""");
 			}
@@ -559,7 +559,7 @@ public void setup() throws SQLException {
 				// user999 will be deleted in #cleanup()
 				s.execute("""
 						INSERT INTO "authority" ("id", "type", "name") VALUES ('user999', 'USER', 'User 999');
-						INSERT INTO "user_details" ("id", "publickey", "privatekey", "setupcode") VALUES ('user999', 'public999', 'private999', 'setup999');
+						INSERT INTO "user_details" ("id", "ecdh_publickey", "ecdsa_publickey", "privatekeys", "setupcode") VALUES ('user999', 'ecdh_public999', 'ecdsa_public999', 'private999', 'setup999');
 						INSERT INTO "group_membership" ("group_id", "member_id") VALUES ('group2', 'user999')
 						""");
 			}
diff --git a/backend/src/test/resources/org/cryptomator/hub/flyway/V9999__Test_Data.sql b/backend/src/test/resources/org/cryptomator/hub/flyway/V9999__Test_Data.sql
index 3ac426e73..ee02b474b 100644
--- a/backend/src/test/resources/org/cryptomator/hub/flyway/V9999__Test_Data.sql
+++ b/backend/src/test/resources/org/cryptomator/hub/flyway/V9999__Test_Data.sql
@@ -14,10 +14,10 @@ VALUES
 	('group1', 'GROUP', 'Group Name 1'),
     ('group2', 'GROUP', 'Group Name 2');
 
-INSERT INTO "user_details" ("id", "publickey", "privatekey", "setupcode")
+INSERT INTO "user_details" ("id", "ecdh_publickey", "ecdsa_publickey", "privatekeys", "setupcode")
 VALUES
-	('user1', 'public1', 'private1', 'setup1'),
-	('user2', NULL, NULL, NULL);
+	('user1', 'ecdh_public1', 'ecdsa_public1', 'private1', 'setup1'),
+	('user2', NULL, NULL, NULL, NULL);
 
 INSERT INTO "group_details" ("id")
 VALUES
@@ -52,7 +52,7 @@ VALUES
 	('7E57C0DE-0000-4000-8000-000100002222', 'group2', 'OWNER'),
 	('7E57C0DE-0000-4000-8000-000100002222', 'group1', 'MEMBER');
 
-INSERT INTO "device" ("id", "owner_id", "name", "type", "publickey", "creation_time", "user_privatekey")
+INSERT INTO "device" ("id", "owner_id", "name", "type", "publickey", "creation_time", "user_privatekeys")
 VALUES
 	('device1', 'user1', 'Computer 1', 'DESKTOP', 'publickey1', '2020-02-20 20:20:20', 'jwe.jwe.jwe.user1.device1'),
 	('device2', 'user2', 'Computer 2', 'DESKTOP', 'publickey2', '2020-02-20 20:20:20', 'jwe.jwe.jwe.user2.device2'),
diff --git a/frontend/src/common/backend.ts b/frontend/src/common/backend.ts
index 880a844f5..fb2072a4f 100644
--- a/frontend/src/common/backend.ts
+++ b/frontend/src/common/backend.ts
@@ -72,7 +72,8 @@ export type UserDto = {
   email: string;
   devices: DeviceDto[];
   accessibleVaults: VaultDto[];
-  publicKey?: string;
+  ecdhPublicKey?: string;
+  ecdsaPublicKey?: string;
   privateKey?: string;
   setupCode?: string;
 }
diff --git a/frontend/src/common/crypto.ts b/frontend/src/common/crypto.ts
index cb1d5a510..a2cc0d6f0 100644
--- a/frontend/src/common/crypto.ts
+++ b/frontend/src/common/crypto.ts
@@ -33,6 +33,15 @@ interface JWEPayload {
   key: string
 }
 
+interface UserKeyPayload {
+  /**
+   * @deprecated use `ecdhPrivateKey` instead
+   */
+  key: string,
+  ecdhPrivateKey: string,
+  ecdsaPrivateKey: string,
+}
+
 const GCM_NONCE_LEN = 12;
 
 export class VaultKeys {
@@ -219,8 +228,8 @@ export class VaultKeys {
    * @param userPublicKey The recipient's public key (DER-encoded)
    * @returns a JWE containing this Masterkey
    */
-  public async encryptForUser(userPublicKey: Uint8Array): Promise<string> {
-    const publicKey = await crypto.subtle.importKey('spki', userPublicKey, UserKeys.KEY_DESIGNATION, false, []);
+  public async encryptForUser(userPublicKey: CryptoKey | BufferSource): Promise<string> {
+    const publicKey = await asPublicKey(userPublicKey, UserKeys.ECDH_KEY_DESIGNATION);
     const rawkey = new Uint8Array(await crypto.subtle.exportKey('raw', this.masterKey));
     try {
       const payload: JWEPayload = {
@@ -251,51 +260,87 @@ export class VaultKeys {
 }
 
 export class UserKeys {
-  public static readonly KEY_USAGES: KeyUsage[] = ['deriveBits'];
+  public static readonly ECDH_KEY_USAGES: KeyUsage[] = ['deriveBits'];
 
-  public static readonly KEY_DESIGNATION: EcKeyImportParams | EcKeyGenParams = {
-    name: 'ECDH',
-    namedCurve: 'P-384'
-  };
+  public static readonly ECDH_KEY_DESIGNATION: EcKeyImportParams | EcKeyGenParams = { name: 'ECDH', namedCurve: 'P-384' };
 
-  readonly keyPair: CryptoKeyPair;
+  public static readonly ECDSA_KEY_USAGES: KeyUsage[] = ['sign'];
 
-  protected constructor(keyPair: CryptoKeyPair) {
-    this.keyPair = keyPair;
-  }
+  public static readonly ECDSA_KEY_DESIGNATION: EcKeyImportParams | EcKeyGenParams = { name: 'ECDSA', namedCurve: 'P-384' };
+
+
+  protected constructor(readonly ecdhKeyPair: CryptoKeyPair, readonly ecdsaKeyPair: CryptoKeyPair) { }
 
   /**
-   * Creates a new user key pair
-   * @returns A new user key pair
+   * Creates new user key pairs
+   * @returns A set of new user key pairs
    */
   public static async create(): Promise<UserKeys> {
-    const keyPair = crypto.subtle.generateKey(UserKeys.KEY_DESIGNATION, true, UserKeys.KEY_USAGES);
-    return new UserKeys(await keyPair);
+    const ecdhKeyPair = crypto.subtle.generateKey(UserKeys.ECDH_KEY_DESIGNATION, true, UserKeys.ECDH_KEY_USAGES);
+    const ecdsaKeyPair = crypto.subtle.generateKey(UserKeys.ECDSA_KEY_DESIGNATION, true, UserKeys.ECDSA_KEY_USAGES);
+    return new UserKeys(await ecdhKeyPair, await ecdsaKeyPair);
   }
 
   /**
-   * Recovers the user key pair using a recovery code. All other information can be retrieved from the backend.
-   * @param encodedPublicKey The public key (base64-encoded SPKI)
-   * @param encryptedPrivateKey The JWE holding the encrypted private key
-   * @param setupCode The password used to protect the private key
+   * Recovers the user key pairs using a recovery code. All other information can be retrieved from the backend.
+   * @param encodedEcdhPublicKey The ECDH public key (base64-encoded SPKI)
+   * @param encodedEcdsaPublicKey The ECDSA public key (base64-encoded SPKI)
+   * @param privateKeys The JWE holding the encrypted private keys
+   * @param setupCode The password used to protect the private keys
    * @returns Decrypted UserKeys
    * @throws {UnwrapKeyError} when attempting to decrypt the private key using an incorrect setupCode
    */
-  public static async recover(encodedPublicKey: string, encryptedPrivateKey: string, setupCode: string): Promise<UserKeys> {
-    const jwe: JWEPayload = await JWEParser.parse(encryptedPrivateKey).decryptPbes2(setupCode);
-    const decodedPublicKey = base64.parse(encodedPublicKey, { loose: true });
-    const decodedPrivateKey = base64.parse(jwe.key, { loose: true });
-    const privateKey = crypto.subtle.importKey('pkcs8', decodedPrivateKey, UserKeys.KEY_DESIGNATION, true, UserKeys.KEY_USAGES);
-    const publicKey = crypto.subtle.importKey('spki', decodedPublicKey, UserKeys.KEY_DESIGNATION, true, []);
-    return new UserKeys({ privateKey: await privateKey, publicKey: await publicKey });
+  public static async recover(privateKeys: string, setupCode: string, userEcdhPublicKey: CryptoKey | BufferSource, userEcdsaPublicKey?: CryptoKey | BufferSource): Promise<UserKeys> {
+    const jwe: UserKeyPayload = await JWEParser.parse(privateKeys).decryptPbes2(setupCode);
+    return UserKeys.createFromJwe(jwe, userEcdhPublicKey, userEcdsaPublicKey);
+  }
+
+  /**
+   * Decrypts the user's private key using the browser's private key
+   * @param jwe JWE containing the PKCS#8-encoded private key
+   * @param browserPrivateKey The browser's private key
+   * @param userEcdhPublicKey User's public ECDH key
+   * @param userEcdsaPublicKey User's public ECDSA key (will be generated if missing - added in Hub 1.4.0)
+   * @returns The user's key pair
+   */
+  public static async decryptOnBrowser(jwe: string, browserPrivateKey: CryptoKey, userEcdhPublicKey: CryptoKey | BufferSource, userEcdsaPublicKey?: CryptoKey | BufferSource): Promise<UserKeys> {
+    const payload: UserKeyPayload = await JWEParser.parse(jwe).decryptEcdhEs(browserPrivateKey);
+    return UserKeys.createFromJwe(payload, userEcdhPublicKey, userEcdsaPublicKey);
+  }
+
+  private static async createFromJwe(jwe: UserKeyPayload, ecdhPublicKey: CryptoKey | BufferSource, ecdsaPublicKey?: CryptoKey | BufferSource): Promise<UserKeys> {
+    const ecdhKeyPair: CryptoKeyPair = {
+      publicKey: await asPublicKey(ecdhPublicKey, UserKeys.ECDH_KEY_DESIGNATION),
+      privateKey: await crypto.subtle.importKey('pkcs8', base64.parse(jwe.ecdhPrivateKey ?? jwe.key, { loose: true }), UserKeys.ECDH_KEY_DESIGNATION, true, UserKeys.ECDH_KEY_USAGES)
+    };
+    let ecdsaKeyPair: CryptoKeyPair;
+    if (jwe.ecdsaPrivateKey && ecdsaPublicKey) {
+      ecdsaKeyPair = {
+        publicKey: await asPublicKey(ecdsaPublicKey, UserKeys.ECDSA_KEY_DESIGNATION),
+        privateKey: await crypto.subtle.importKey('pkcs8', base64.parse(jwe.ecdsaPrivateKey, { loose: true }), UserKeys.ECDSA_KEY_DESIGNATION, true, UserKeys.ECDSA_KEY_USAGES)
+      };
+    } else {
+      // ECDSA key was added in Hub 1.4.0. If it's missing, we generate a new one.
+      ecdsaKeyPair = await crypto.subtle.generateKey(UserKeys.ECDSA_KEY_DESIGNATION, true, UserKeys.ECDSA_KEY_USAGES);
+    }
+    return new UserKeys(ecdhKeyPair, ecdsaKeyPair);
   }
 
   /**
-   * Gets the base64-encoded public key in SPKI format.
+   * Gets the base64-encoded ECDH public key in SPKI format.
    * @returns base64-encoded public key
    */
-  public async encodedPublicKey(): Promise<string> {
-    const publicKey = new Uint8Array(await crypto.subtle.exportKey('spki', this.keyPair.publicKey));
+  public async encodedEcdhPublicKey(): Promise<string> {
+    const publicKey = new Uint8Array(await crypto.subtle.exportKey('spki', this.ecdhKeyPair.publicKey));
+    return base64.stringify(publicKey);
+  }
+
+  /**
+   * Gets the base64-encoded ECDSA public key in SPKI format.
+   * @returns base64-encoded public key
+   */
+  public async encodedEcdsaPublicKey(): Promise<string> {
+    const publicKey = new Uint8Array(await crypto.subtle.exportKey('spki', this.ecdsaKeyPair.publicKey));
     return base64.stringify(publicKey);
   }
 
@@ -305,16 +350,9 @@ export class UserKeys {
    * @returns A JWE holding the encrypted private key
    * @see JWEBuilder.pbes2
    */
-  public async encryptedPrivateKey(setupCode: string): Promise<string> {
-    const rawkey = new Uint8Array(await crypto.subtle.exportKey('pkcs8', this.keyPair.privateKey));
-    try {
-      const payload: JWEPayload = {
-        key: base64.stringify(rawkey)
-      };
-      return await JWEBuilder.pbes2(setupCode).encrypt(payload);
-    } finally {
-      rawkey.fill(0x00);
-    }
+  public async encryptWithSetupCode(setupCode: string, iterations?: number): Promise<string> {
+    const payload = await this.prepareForEncryption();
+    return await JWEBuilder.pbes2(setupCode, iterations).encrypt(payload);
   }
 
   /**
@@ -324,43 +362,23 @@ export class UserKeys {
    * @see JWEBuilder.ecdhEs
    */
   public async encryptForDevice(devicePublicKey: CryptoKey | Uint8Array): Promise<string> {
-    const publicKey = await UserKeys.publicKey(devicePublicKey);
-    const rawkey = new Uint8Array(await crypto.subtle.exportKey('pkcs8', this.keyPair.privateKey));
-    try {
-      const payload: JWEPayload = {
-        key: base64.stringify(rawkey)
-      };
-      return JWEBuilder.ecdhEs(publicKey).encrypt(payload);
-    } finally {
-      rawkey.fill(0x00);
-    }
+    const publicKey = await asPublicKey(devicePublicKey, BrowserKeys.KEY_DESIGNATION);
+    const payload = await this.prepareForEncryption();
+    return JWEBuilder.ecdhEs(publicKey).encrypt(payload);
   }
 
-  /**
-   * Decrypts the user's private key using the browser's private key
-   * @param jwe JWE containing the PKCS#8-encoded private key
-   * @param browserPrivateKey The browser's private key
-   * @param userPublicKey User public key
-   * @returns The user's key pair
-   */
-  public static async decryptOnBrowser(jwe: string, browserPrivateKey: CryptoKey, userPublicKey: CryptoKey | BufferSource): Promise<UserKeys> {
-    const publicKey = await UserKeys.publicKey(userPublicKey);
-    let rawKey = new Uint8Array();
+  private async prepareForEncryption(): Promise<UserKeyPayload> {
+    const encodedEcdhPrivateKey = new Uint8Array(await crypto.subtle.exportKey('pkcs8', this.ecdhKeyPair.privateKey));
+    const encodedEcdsaPrivateKey = new Uint8Array(await crypto.subtle.exportKey('pkcs8', this.ecdsaKeyPair.privateKey));
     try {
-      const payload: JWEPayload = await JWEParser.parse(jwe).decryptEcdhEs(browserPrivateKey);
-      rawKey = base64.parse(payload.key);
-      const privateKey = await crypto.subtle.importKey('pkcs8', rawKey, UserKeys.KEY_DESIGNATION, true, UserKeys.KEY_USAGES);
-      return new UserKeys({ publicKey: publicKey, privateKey: privateKey });
+      return {
+        key: base64.stringify(encodedEcdhPrivateKey), // redundant for backwards compatibility
+        ecdhPrivateKey: base64.stringify(encodedEcdhPrivateKey),
+        ecdsaPrivateKey: base64.stringify(encodedEcdsaPrivateKey)
+      };
     } finally {
-      rawKey.fill(0x00);
-    }
-  }
-
-  private static async publicKey(publicKey: CryptoKey | BufferSource): Promise<CryptoKey> {
-    if (publicKey instanceof CryptoKey) {
-      return publicKey;
-    } else {
-      return await crypto.subtle.importKey('spki', publicKey, UserKeys.KEY_DESIGNATION, true, []);
+      encodedEcdhPrivateKey.fill(0x00);
+      encodedEcdsaPrivateKey.fill(0x00);
     }
   }
 }
@@ -368,7 +386,7 @@ export class UserKeys {
 export class BrowserKeys {
   public static readonly KEY_USAGES: KeyUsage[] = ['deriveBits'];
 
-  private static readonly KEY_DESIGNATION: EcKeyImportParams | EcKeyGenParams = {
+  public static readonly KEY_DESIGNATION: EcKeyImportParams | EcKeyGenParams = {
     name: 'ECDH',
     namedCurve: 'P-384'
   };
@@ -438,6 +456,14 @@ export class BrowserKeys {
   }
 }
 
+async function asPublicKey(publicKey: CryptoKey | BufferSource, keyDesignation: EcKeyImportParams): Promise<CryptoKey> {
+  if (publicKey instanceof CryptoKey) {
+    return publicKey;
+  } else {
+    return await crypto.subtle.importKey('spki', publicKey, keyDesignation, true, []);
+  }
+}
+
 export async function getFingerprint(key: string | undefined) {
   if (key) {
     const encodedKey = new TextEncoder().encode(key);
diff --git a/frontend/src/common/userdata.ts b/frontend/src/common/userdata.ts
new file mode 100644
index 000000000..800f6c80b
--- /dev/null
+++ b/frontend/src/common/userdata.ts
@@ -0,0 +1,143 @@
+import { base64 } from 'rfc4648';
+import backend, { DeviceDto, UserDto } from './backend';
+import { BrowserKeys, UserKeys } from './crypto';
+import { JWEParser } from './jwe';
+
+class UserData {
+
+  #me?: Promise<UserDto>;
+  #browserKeys?: Promise<BrowserKeys | undefined>;
+
+  /**
+   * Gets the user DTO representing the currently logged in user.
+   */
+  public get me(): Promise<UserDto> {
+    if (!this.#me) {
+      this.#me = backend.users.me(true);
+    }
+    return this.#me;
+  }
+
+  /**
+   * Gets the device key pair stored for this user in the currently used browser.
+   */
+  public get browserKeys(): Promise<BrowserKeys | undefined> {
+    return this.me.then(me => {
+      if (!this.#browserKeys) {
+        this.#browserKeys = BrowserKeys.load(me.id);
+      }
+      return this.#browserKeys;
+    });
+  }
+
+  /**
+   * Gets the device that represents the currently used browser.
+   */
+  public get browser(): Promise<DeviceDto | undefined> {
+    return this.me.then(async me => {
+      const browserKeys = await this.browserKeys;
+      const browserId = await browserKeys?.id();
+      return browserId ? me.devices.find(d => d.id === browserId) : undefined;
+    });
+  }
+
+  /**
+   * Gets the ECDH public key of the user.
+   * 
+   * @see UserDto.ecdhPublicKey
+   */
+  public get ecdhPublicKey(): Promise<Uint8Array> {
+    return this.me.then(me => {
+      if (!me.ecdhPublicKey) {
+        throw new Error('User not initialized.');
+      }
+      return base64.parse(me.ecdhPublicKey);
+    });
+  }
+
+  /**
+   * Gets the ECDSA public key of the user, if available.
+   * 
+   * @see UserDto.ecdsaPublicKey
+   */
+  public get ecdsaPublicKey(): Promise<Uint8Array | undefined> {
+    return this.me.then(me => {
+      return me.ecdsaPublicKey ? base64.parse(me.ecdsaPublicKey) : undefined;
+    });
+  }
+
+  /**
+   * Invalidates the cached user data and reloads it in the backend.
+   */
+  public async reload() {
+    this.#me = backend.users.me(true);
+    this.#browserKeys = undefined;
+  }
+
+  /**
+   * Creates a new browser key pair for the user.
+   * This does not change the device DTO stored in the backend.
+   * @returns A new browser key pair for the user.
+   */
+  public async createBrowserKeys(): Promise<BrowserKeys> {
+    const me = await this.me;
+    const browserKeys = await BrowserKeys.create();
+    await browserKeys.store(me.id);
+    this.#browserKeys = Promise.resolve(browserKeys);
+    return browserKeys;
+  }
+
+  /**
+   * Decrypts the user keys using the setup code.
+   * @param setupCode the setup code
+   * @returns The user's key pairs
+   */
+  public async decryptUserKeysWithSetupCode(setupCode: string): Promise<UserKeys> {
+    const me = await this.me;
+    if (!me.privateKey) {
+      throw new Error('User not initialized.');
+    }
+    const userKeys = await UserKeys.recover(me.privateKey, setupCode, await this.ecdhPublicKey, await this.ecdsaPublicKey);
+    await this.addEcdsaKeyIfMissing(userKeys);
+    return userKeys;
+  }
+
+  /**
+   * Decrypts the user keys using the device key stored in the currently used browser.
+   * @returns The user's key pairs
+   */
+  public async decryptUserKeysWithBrowser(): Promise<UserKeys> {
+    const browserKeys = await this.browserKeys;
+    if (!browserKeys) {
+      throw new Error('Browser keys not found.');
+    }
+    const browser = await this.browser;
+    if (!browser) {
+      throw new Error('Device not initialized.');
+    }
+    const userKeys = await UserKeys.decryptOnBrowser(browser.userPrivateKey, browserKeys.keyPair.privateKey, await this.ecdhPublicKey, await this.ecdsaPublicKey);
+    await this.addEcdsaKeyIfMissing(userKeys);
+    return userKeys;
+  }
+
+  /**
+   * Updates the stored user keys, if the ECDSA key was missing before (added in 1.4.0)
+   * @param userKeys The user keys that contain the ECDSA key
+   */
+  private async addEcdsaKeyIfMissing(userKeys: UserKeys) {
+    const me = await this.me;
+    if (me.setupCode && !me.ecdsaPublicKey) {
+      const payload: { setupCode: string } = await JWEParser.parse(me.setupCode).decryptEcdhEs(userKeys.ecdhKeyPair.privateKey);
+      me.ecdsaPublicKey = await userKeys.encodedEcdsaPublicKey();
+      me.privateKey = await userKeys.encryptWithSetupCode(payload.setupCode);
+      for (const device of me.devices) {
+        device.userPrivateKey = await userKeys.encryptForDevice(base64.parse(device.publicKey));
+      }
+      await backend.users.putMe(me);
+    }
+  }
+
+}
+
+const instance = new UserData();
+export default instance;
diff --git a/frontend/src/components/AuthenticatedMain.vue b/frontend/src/components/AuthenticatedMain.vue
index bb9e6610c..eaffe4055 100644
--- a/frontend/src/components/AuthenticatedMain.vue
+++ b/frontend/src/components/AuthenticatedMain.vue
@@ -21,7 +21,8 @@
 <script setup lang="ts">
 import { onMounted, ref } from 'vue';
 import { useI18n } from 'vue-i18n';
-import backend, { UserDto } from '../common/backend';
+import { UserDto } from '../common/backend';
+import userdata from '../common/userdata';
 import FetchError from './FetchError.vue';
 import NavigationBar from './NavigationBar.vue';
 
@@ -35,7 +36,7 @@ onMounted(fetchData);
 async function fetchData() {
   onFetchError.value = null;
   try {
-    me.value = await backend.users.me();
+    me.value = await userdata.me;
   } catch (error) {
     console.error('Retrieving logged in user failed.', error);
     onFetchError.value = error instanceof Error ? error : new Error('Unknown Error');
diff --git a/frontend/src/components/CreateVault.vue b/frontend/src/components/CreateVault.vue
index ac7d6419b..5b9995f85 100644
--- a/frontend/src/components/CreateVault.vue
+++ b/frontend/src/components/CreateVault.vue
@@ -182,11 +182,11 @@ import { ClipboardIcon } from '@heroicons/vue/20/solid';
 import { ArrowPathIcon, CheckIcon, KeyIcon } from '@heroicons/vue/24/outline';
 import { ArrowDownTrayIcon } from '@heroicons/vue/24/solid';
 import { saveAs } from 'file-saver';
-import { base64 } from 'rfc4648';
 import { onMounted, ref } from 'vue';
 import { useI18n } from 'vue-i18n';
 import backend, { PaymentRequiredError } from '../common/backend';
 import { VaultKeys } from '../common/crypto';
+import userdata from '../common/userdata';
 import { debounce } from '../common/util';
 import { VaultConfig } from '../common/vaultconfig';
 
@@ -288,13 +288,10 @@ async function createVault() {
       throw new Error('Invalid state');
     }
     processing.value = true;
-    const owner = await backend.users.me();
-    if (!owner.publicKey) {
-      throw new Error('Invalid state');
-    }
+    const owner = await userdata.me;
     const vaultId = crypto.randomUUID();
     vaultConfig.value = await VaultConfig.create(vaultId, vaultKeys.value);
-    const ownerJwe = await vaultKeys.value.encryptForUser(base64.parse(owner.publicKey));
+    const ownerJwe = await vaultKeys.value.encryptForUser(await userdata.ecdhPublicKey);
     await backend.vaults.createOrUpdateVault(vaultId, vaultName.value, false, vaultDescription.value);
     await backend.vaults.grantAccess(vaultId, { userId: owner.id, token: ownerJwe });
     state.value = State.Finished;
diff --git a/frontend/src/components/DeviceList.vue b/frontend/src/components/DeviceList.vue
index 80c43703b..abb6e7591 100644
--- a/frontend/src/components/DeviceList.vue
+++ b/frontend/src/components/DeviceList.vue
@@ -85,7 +85,7 @@ import { ComputerDesktopIcon, DevicePhoneMobileIcon, WindowIcon } from '@heroico
 import { onMounted, ref } from 'vue';
 import { useI18n } from 'vue-i18n';
 import backend, { DeviceDto, NotFoundError, UserDto } from '../common/backend';
-import { BrowserKeys } from '../common/crypto';
+import userdata from '../common/userdata';
 import FetchError from './FetchError.vue';
 
 const { t, d } = useI18n({ useScope: 'global' });
@@ -97,32 +97,24 @@ const onRemoveDeviceError = ref< {[id: string]: Error} >({});
 
 onMounted(async () => {
   await fetchData();
-  await determineMyDevice();
 });
 
 async function fetchData() {
   onFetchError.value = null;
   try {
-    me.value = await backend.users.me(true);
+    me.value = await userdata.me;
+    myDevice.value = await userdata.browser;
   } catch (error) {
     console.error('Retrieving device list failed.', error);
     onFetchError.value = error instanceof Error ? error : new Error('Unknown Error');
   }
 }
 
-async function determineMyDevice() {
-  if (me.value == null) {
-    throw new Error('User not initialized.');
-  }
-  const browserKeys = await BrowserKeys.load(me.value.id);
-  const browserId = await browserKeys?.id();
-  myDevice.value = me.value.devices.find(d => d.id == browserId);
-}
-
 async function removeDevice(device: DeviceDto) {
   delete onRemoveDeviceError.value[device.id];
   try {
     await backend.devices.removeDevice(device.id);
+    userdata.reload();
   } catch (error) {
     console.error('Removing device failed.', error);
     if (error instanceof NotFoundError) {
diff --git a/frontend/src/components/GrantPermissionDialog.vue b/frontend/src/components/GrantPermissionDialog.vue
index 20969b3e9..a5967f10b 100644
--- a/frontend/src/components/GrantPermissionDialog.vue
+++ b/frontend/src/components/GrantPermissionDialog.vue
@@ -101,7 +101,7 @@ onMounted(fetchData);
 
 async function fetchData() {
   for (const user of props.users) {
-    userKeyFingerprints.value.set(user.id, await getFingerprint(user.publicKey));
+    userKeyFingerprints.value.set(user.id, await getFingerprint(user.ecdhPublicKey));
   }
 }
 
@@ -124,8 +124,8 @@ async function grantAccess() {
 async function giveUsersAccess(users: UserDto[]) {
   let tokens: AccessGrant[] = [];
   for (const user of users) {
-    if (user.publicKey) { // some users might not have set up their key pair, so we can't share secrets with them yet
-      const publicKey = base64.parse(user.publicKey);
+    if (user.ecdhPublicKey) { // some users might not have set up their key pair, so we can't share secrets with them yet
+      const publicKey = base64.parse(user.ecdhPublicKey);
       const jwe = await props.vaultKeys.encryptForUser(publicKey);
       tokens.push({ userId: user.id, token: jwe });
     }
diff --git a/frontend/src/components/InitialSetup.vue b/frontend/src/components/InitialSetup.vue
index 4da2d1fc9..eac3bb495 100644
--- a/frontend/src/components/InitialSetup.vue
+++ b/frontend/src/components/InitialSetup.vue
@@ -193,6 +193,7 @@ import { useI18n } from 'vue-i18n';
 import backend, { UserDto } from '../common/backend';
 import { BrowserKeys, UnwrapKeyError, UserKeys } from '../common/crypto';
 import { JWEBuilder } from '../common/jwe';
+import userdata from '../common/userdata';
 import { debounce } from '../common/util';
 import router from '../router';
 import FetchError from './FetchError.vue';
@@ -238,13 +239,11 @@ onMounted(fetchData);
 async function fetchData() {
   onFetchError.value = null;
   try {
-    me.value = await backend.users.me(true);
-    const browserKeys = await BrowserKeys.load(me.value.id);
-    const browserId = await browserKeys?.id();
-    if (!me.value.publicKey) {
+    me.value = await userdata.me;
+    if (!me.value.setupCode) {
       setupCode.value = crypto.randomUUID();
       state.value = State.CreateUserKey;
-    } else if (me.value.devices.find(d => d.id === browserId) == null) {
+    } else if (!await userdata.browser) {
       state.value = State.RecoverUserKey;
     } else {
       state.value = State.SetupAlreadyCompleted;
@@ -258,17 +257,16 @@ async function fetchData() {
 async function createUserKey() {
   onCreateError.value = null;
   try {
-    if (!me.value) {
-      throw new Error('Invalid state');
-    }
     processing.value = true;
+    const me = await userdata.me;
 
     const userKeys = await UserKeys.create();
-    me.value.publicKey = await userKeys.encodedPublicKey();
-    me.value.privateKey = await userKeys.encryptedPrivateKey(setupCode.value);
-    me.value.setupCode = await JWEBuilder.ecdhEs(userKeys.keyPair.publicKey).encrypt({ setupCode: setupCode.value });
-    const browserKeys = await createBrowserKeys(me.value.id);
-    await submitBrowserKeys(browserKeys, me.value, userKeys);
+    me.ecdhPublicKey = await userKeys.encodedEcdhPublicKey();
+    me.ecdsaPublicKey = await userKeys.encodedEcdsaPublicKey();
+    me.privateKey = await userKeys.encryptWithSetupCode(setupCode.value);
+    me.setupCode = await JWEBuilder.ecdhEs(userKeys.ecdhKeyPair.publicKey).encrypt({ setupCode: setupCode.value });
+    const browserKeys = await userdata.createBrowserKeys();
+    await submitBrowserKeys(browserKeys, me, userKeys);
 
     await router.push('/app/vaults');
   } catch (error) {
@@ -282,14 +280,12 @@ async function createUserKey() {
 async function recoverUserKey() {
   onRecoverError.value = null;
   try {
-    if (!me.value || !me.value.publicKey || !me.value.privateKey) {
-      throw new Error('Invalid state');
-    }
     processing.value = true;
 
-    const userKeys = await UserKeys.recover(me.value.publicKey, me.value.privateKey, setupCode.value);
-    const browserKeys = await createBrowserKeys(me.value.id);
-    await submitBrowserKeys(browserKeys, me.value, userKeys);
+    const me = await userdata.me;
+    const userKeys = await userdata.decryptUserKeysWithSetupCode(setupCode.value);
+    const browserKeys = await userdata.createBrowserKeys();
+    await submitBrowserKeys(browserKeys, me, userKeys);
 
     await router.push('/app/vaults');
   } catch (error) {
@@ -300,12 +296,6 @@ async function recoverUserKey() {
   }
 }
 
-async function createBrowserKeys(userId: string): Promise<BrowserKeys> {
-  const browserKeys = await BrowserKeys.create();
-  await browserKeys.store(userId);
-  return browserKeys;
-}
-
 async function submitBrowserKeys(browserKeys: BrowserKeys, me: UserDto, userKeys: UserKeys) {
   const jwe = await userKeys.encryptForDevice(browserKeys.keyPair.publicKey);
   await backend.devices.putDevice({
@@ -317,6 +307,7 @@ async function submitBrowserKeys(browserKeys: BrowserKeys, me: UserDto, userKeys
     creationTime: new Date()
   });
   await backend.users.putMe(me);
+  userdata.reload();
 }
 
 function guessBrowserName(): string {
diff --git a/frontend/src/components/ManageSetupCode.vue b/frontend/src/components/ManageSetupCode.vue
index 9837cf488..02ef6d216 100644
--- a/frontend/src/components/ManageSetupCode.vue
+++ b/frontend/src/components/ManageSetupCode.vue
@@ -46,12 +46,10 @@
 
 <script setup lang="ts">
 import { ClipboardIcon, EyeIcon, EyeSlashIcon } from '@heroicons/vue/20/solid';
-import { base64 } from 'rfc4648';
 import { nextTick, onMounted, ref } from 'vue';
 import { useI18n } from 'vue-i18n';
-import backend from '../common/backend';
-import { BrowserKeys, UserKeys } from '../common/crypto';
 import { JWEParser } from '../common/jwe';
+import userdata from '../common/userdata';
 import { debounce } from '../common/util';
 import FetchError from './FetchError.vue';
 import RegenerateSetupCodeDialog from './RegenerateSetupCodeDialog.vue';
@@ -70,21 +68,12 @@ onMounted(fetchData);
 async function fetchData() {
   onFetchError.value = null;
   try {
-    const me = await backend.users.me(true);
-    if (me.publicKey == null || me.setupCode == null) {
-      throw new Error('User not initialized.');
+    const me = await userdata.me;
+    if (!me.setupCode) {
+      throw new Error('Invalid state');
     }
-    const browserKeys = await BrowserKeys.load(me.id);
-    if (browserKeys == null) {
-      throw new Error('Browser keys not found.');
-    }
-    const browserId = await browserKeys.id();
-    const myDevice = me.devices.find(d => d.id == browserId);
-    if (myDevice == null) {
-      throw new Error('Device not initialized.');
-    }
-    const userKeys = await UserKeys.decryptOnBrowser(myDevice.userPrivateKey, browserKeys.keyPair.privateKey, base64.parse(me.publicKey));
-    const payload : { setupCode: string } = await JWEParser.parse(me.setupCode).decryptEcdhEs(userKeys.keyPair.privateKey);
+    const userKeys = await userdata.decryptUserKeysWithBrowser();
+    const payload : { setupCode: string } = await JWEParser.parse(me.setupCode).decryptEcdhEs(userKeys.ecdhKeyPair.privateKey);
     setupCode.value = payload.setupCode;
   } catch (error) {
     console.error('Retrieving setup code failed.', error);
diff --git a/frontend/src/components/RecoverVaultDialog.vue b/frontend/src/components/RecoverVaultDialog.vue
index 280bb9bb8..b6240c856 100644
--- a/frontend/src/components/RecoverVaultDialog.vue
+++ b/frontend/src/components/RecoverVaultDialog.vue
@@ -52,12 +52,12 @@
 
 <script setup lang="ts">
 import { Dialog, DialogOverlay, DialogPanel, DialogTitle, TransitionChild, TransitionRoot } from '@headlessui/vue';
-import { base64 } from 'rfc4648';
 import { ref } from 'vue';
 import { useI18n } from 'vue-i18n';
-import backend, { UserDto, VaultDto } from '../common/backend';
+import backend, { VaultDto } from '../common/backend';
 
 import { VaultKeys } from '../common/crypto';
+import userdata from '../common/userdata';
 
 class FormValidationFailedError extends Error {
   constructor() {
@@ -76,8 +76,7 @@ const recoveryKey = ref('');
 const processingVaultRecovery = ref(false);
 
 const props = defineProps<{
-  vault: VaultDto,
-  me: UserDto
+  vault: VaultDto
 }>();
 
 const emit = defineEmits<{
@@ -105,10 +104,11 @@ async function recoverVault() {
   try {
     processingVaultRecovery.value = true;
     const vaultKeys = await VaultKeys.recover(recoveryKey.value);
-    if (props.me.publicKey && vaultKeys) {
-      const publicKey = base64.parse(props.me.publicKey);
+    const me = await userdata.me;
+    if (vaultKeys) {
+      const publicKey = await userdata.ecdhPublicKey;
       const jwe = await vaultKeys.encryptForUser(publicKey);
-      await backend.vaults.grantAccess(props.vault.id, { userId: props.me.id, token: jwe });
+      await backend.vaults.grantAccess(props.vault.id, { userId: me.id, token: jwe });
       emit('recovered');
       open.value = false;
     }
diff --git a/frontend/src/components/RegenerateSetupCodeDialog.vue b/frontend/src/components/RegenerateSetupCodeDialog.vue
index db586d54c..c26d6fed9 100644
--- a/frontend/src/components/RegenerateSetupCodeDialog.vue
+++ b/frontend/src/components/RegenerateSetupCodeDialog.vue
@@ -99,12 +99,11 @@
 import { Dialog, DialogOverlay, DialogPanel, DialogTitle, TransitionChild, TransitionRoot } from '@headlessui/vue';
 import { ClipboardIcon } from '@heroicons/vue/20/solid';
 import { ArrowPathIcon, KeyIcon } from '@heroicons/vue/24/outline';
-import { base64 } from 'rfc4648';
 import { computed, ref } from 'vue';
 import { useI18n } from 'vue-i18n';
 import backend from '../common/backend';
-import { BrowserKeys, UserKeys } from '../common/crypto';
 import { JWEBuilder } from '../common/jwe';
+import userdata from '../common/userdata';
 import { debounce } from '../common/util';
 
 enum State {
@@ -151,23 +150,11 @@ async function regenerateSetupCode() {
   try {
     processing.value = true;
 
-    const me = await backend.users.me(true);
-    if (me.publicKey == null || me.setupCode == null) {
-      throw new Error('User not initialized.');
-    }
-    const browserKeys = await BrowserKeys.load(me.id);
-    if (browserKeys == null) {
-      throw new Error('Browser keys not found.');
-    }
-    const browserId = await browserKeys.id();
-    const myDevice = me.devices.find(d => d.id == browserId);
-    if (myDevice == null) {
-      throw new Error('Device not initialized.');
-    }
+    const me = await userdata.me;
     const newCode = crypto.randomUUID();
-    const userKeys = await UserKeys.decryptOnBrowser(myDevice.userPrivateKey, browserKeys.keyPair.privateKey, base64.parse(me.publicKey));
-    me.privateKey = await userKeys.encryptedPrivateKey(newCode);
-    me.setupCode = await JWEBuilder.ecdhEs(userKeys.keyPair.publicKey).encrypt({ setupCode: newCode });
+    const userKeys = await userdata.decryptUserKeysWithBrowser();
+    me.privateKey = await userKeys.encryptWithSetupCode(newCode);
+    me.setupCode = await JWEBuilder.ecdhEs(userKeys.ecdhKeyPair.publicKey).encrypt({ setupCode: newCode });
     await backend.users.putMe(me);
     setupCode.value = newCode;
 
diff --git a/frontend/src/components/UnlockSuccess.vue b/frontend/src/components/UnlockSuccess.vue
index a9a0ff36b..8a3b4fb3f 100644
--- a/frontend/src/components/UnlockSuccess.vue
+++ b/frontend/src/components/UnlockSuccess.vue
@@ -1,5 +1,5 @@
 <template>
-  <NavigationBar v-if="accountState == AccountState.Ready && browserKeys" :me="me!"/>
+  <NavigationBar v-if="accountState == AccountState.Ready && hasBrowserKeys" :me="me!"/>
   <SimpleNavigationBar v-else-if="me" :me="me"/>
 
   <div class="max-w-7xl mx-auto px-4 py-12 sm:px-6 lg:px-8 flex justify-center">
@@ -38,7 +38,7 @@
         <p class="my-3">
           Please enter your account key in Cryptomator to authorize it.
         </p>
-        <router-link v-if="browserKeys" to="/app/profile" class="inline-flex items-center px-4 py-2 border border-transparent text-sm font-medium rounded-md shadow-sm text-white bg-primary focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-primary">View Account Key in my Profile</router-link>
+        <router-link v-if="hasBrowserKeys" to="/app/profile" class="inline-flex items-center px-4 py-2 border border-transparent text-sm font-medium rounded-md shadow-sm text-white bg-primary focus:outline-none focus:ring-2 focus:ring-offset-2 focus:ring-primary">View Account Key in my Profile</router-link>
       </div>
 
       <!-- NO VAULT ACCESS -->
@@ -68,7 +68,7 @@
 import { ComputedRef, computed, onMounted, ref } from 'vue';
 import { useI18n } from 'vue-i18n';
 import backend, { UserDto, VaultDto } from '../common/backend';
-import { BrowserKeys } from '../common/crypto';
+import userdata from '../common/userdata';
 import FetchError from './FetchError.vue';
 import NavigationBar from './NavigationBar.vue';
 import SimpleNavigationBar from './SimpleNavigationBar.vue';
@@ -81,8 +81,7 @@ const props = defineProps<{
 }>();
 
 const accountState : ComputedRef<AccountState> = computed(() => {
-  const publicKey = me.value?.publicKey;
-  if (!publicKey) {
+  if (!me.value?.setupCode) {
     return AccountState.RequiresSetup;
   } else {
     return AccountState.Ready;
@@ -120,7 +119,7 @@ enum VaultAccess {
 }
 
 const me = ref<UserDto>();
-const browserKeys = ref<boolean>(false);
+const hasBrowserKeys = ref<boolean>(false);
 const accessibleVaults = ref<VaultDto[]>();
 const onFetchError = ref<Error | null>();
 
@@ -129,8 +128,8 @@ onMounted(fetchData);
 async function fetchData() {
   onFetchError.value = null;
   try {
-    me.value = await backend.users.me(true);
-    browserKeys.value = await BrowserKeys.load(me.value.id) != null;
+    me.value = await userdata.me;
+    hasBrowserKeys.value = await userdata.browserKeys.then(keys => keys !== undefined);
     accessibleVaults.value = await backend.vaults.listAccessible();
   } catch (error) {
     console.error('Retrieving user information failed.', error);
diff --git a/frontend/src/components/UserProfile.vue b/frontend/src/components/UserProfile.vue
index 7c03e8fea..7aeb5a148 100644
--- a/frontend/src/components/UserProfile.vue
+++ b/frontend/src/components/UserProfile.vue
@@ -54,7 +54,7 @@
       <div class="grid grid-cols-1 gap-8 lg:col-span-3">
         <ManageSetupCode />
         <DeviceList />
-        <UserkeyFingerprint :user-public-key="me.publicKey"/>
+        <UserkeyFingerprint :user-public-key="me.ecdhPublicKey"/>
       </div>
     </div>
   </div>
@@ -68,6 +68,7 @@ import { useI18n } from 'vue-i18n';
 import backend, { UserDto, VersionDto } from '../common/backend';
 
 import config from '../common/config';
+import userdata from '../common/userdata';
 import { Locale } from '../i18n';
 import DeviceList from './DeviceList.vue';
 import FetchError from './FetchError.vue';
@@ -90,7 +91,7 @@ onMounted(async () => {
 async function fetchData() {
   onFetchError.value = null;
   try {
-    me.value = await backend.users.me(true);
+    me.value = await userdata.me;
     version.value = await backend.version.get();
   } catch (error) {
     console.error('Retrieving user information failed.', error);
diff --git a/frontend/src/components/VaultDetails.vue b/frontend/src/components/VaultDetails.vue
index 124afd910..fbf5970b1 100644
--- a/frontend/src/components/VaultDetails.vue
+++ b/frontend/src/components/VaultDetails.vue
@@ -202,20 +202,20 @@
   <DisplayRecoveryKeyDialog v-if="displayingRecoveryKey && vault && vaultKeys" ref="displayRecoveryKeyDialog" :vault="vault" :vault-keys="vaultKeys" @close="displayingRecoveryKey = false" />
   <ArchiveVaultDialog v-if="archivingVault && vault" ref="archiveVaultDialog" :vault="vault" @close="archivingVault = false" @archived="v => refreshVault(v)" />
   <ReactivateVaultDialog v-if="reactivatingVault && vault" ref="reactivateVaultDialog" :vault="vault" @close="reactivatingVault = false" @reactivated="v => { refreshVault(v); refreshLicense();}" />
-  <RecoverVaultDialog v-if="recoveringVault && vault && me" ref="recoverVaultDialog" :vault="vault" :me="me" @close="recoveringVault = false" @recovered="fetchOwnerData()" />
+  <RecoverVaultDialog v-if="recoveringVault && vault" ref="recoverVaultDialog" :vault="vault" @close="recoveringVault = false" @recovered="fetchOwnerData()" />
 </template>
 
 <script setup lang="ts">
 import { Menu, MenuButton, MenuItem, MenuItems } from '@headlessui/vue';
 import { ArrowPathIcon, EllipsisVerticalIcon, ExclamationTriangleIcon } from '@heroicons/vue/20/solid';
 import { PlusSmallIcon } from '@heroicons/vue/24/solid';
-import { base64 } from 'rfc4648';
 import { computed, nextTick, onMounted, ref } from 'vue';
 import { useI18n } from 'vue-i18n';
 import auth from '../common/auth';
 import backend, { AuthorityDto, ConflictError, ForbiddenError, LicenseUserInfoDto, MemberDto, NotFoundError, PaymentRequiredError, UserDto, VaultDto, VaultRole } from '../common/backend';
-import { BrowserKeys, UserKeys, VaultKeys } from '../common/crypto';
+import { VaultKeys } from '../common/crypto';
 import { JWT, JWTHeader } from '../common/jwt';
+import userdata from '../common/userdata';
 import ArchiveVaultDialog from './ArchiveVaultDialog.vue';
 import ClaimVaultOwnershipDialog from './ClaimVaultOwnershipDialog.vue';
 import DisplayRecoveryKeyDialog from './DisplayRecoveryKeyDialog.vue';
@@ -282,7 +282,7 @@ async function fetchData() {
   try {
     isAdmin.value = (await auth).isAdmin();
     vault.value = await backend.vaults.get(props.vaultId);
-    me.value = await backend.users.me(true);
+    me.value = await userdata.me;
     license.value = await backend.license.getUserInfo();
     if (props.vaultRole == 'OWNER') {
       await fetchOwnerData();
@@ -314,25 +314,13 @@ async function fetchOwnerData() {
 }
 
 async function loadVaultKeys(vaultKeyJwe: string): Promise<VaultKeys> {
-  if (!me.value || !me.value.publicKey) {
-    throw new Error('User not initialized.');
-  }
-  const browserKeys = await BrowserKeys.load(me.value.id);
-  if (browserKeys == null) {
-    throw new Error('Browser keys not found.');
-  }
-  const browserId = await browserKeys.id();
-  const myDevice = me.value.devices.find(d => d.id == browserId);
-  if (myDevice == null) {
-    throw new Error('Device not initialized.');
-  }
-  const userKeys = await UserKeys.decryptOnBrowser(myDevice.userPrivateKey, browserKeys.keyPair.privateKey, base64.parse(me.value.publicKey));
-  return VaultKeys.decryptWithUserKey(vaultKeyJwe, userKeys.keyPair.privateKey);
+  const userKeys = await userdata.decryptUserKeysWithBrowser();
+  return VaultKeys.decryptWithUserKey(vaultKeyJwe, userKeys.ecdhKeyPair.privateKey);
 }
 
 async function provedOwnership(keys: VaultKeys, ownerKeyPair: CryptoKeyPair) {
-  if (!me.value || !me.value.publicKey) {
-    throw new Error('User not initialized.');
+  if (!me.value) {
+    throw new Error('illegal state');
   }
 
   const header: JWTHeader = { alg: 'ES384', typ: 'JWT', b64: true };
@@ -347,7 +335,8 @@ async function provedOwnership(keys: VaultKeys, ownerKeyPair: CryptoKeyPair) {
     return;
   }
 
-  const vaultKeyJwe = keys.encryptForUser(base64.parse(me.value.publicKey));
+  const myPublicKey = await userdata.ecdhPublicKey;
+  const vaultKeyJwe = keys.encryptForUser(myPublicKey);
   try {
     await backend.vaults.grantAccess(props.vaultId, { userId: me.value.id, token: await vaultKeyJwe });
   } catch (error) {
diff --git a/frontend/src/router/index.ts b/frontend/src/router/index.ts
index ec2e1cd9e..7363d5119 100644
--- a/frontend/src/router/index.ts
+++ b/frontend/src/router/index.ts
@@ -2,7 +2,7 @@ import { createRouter, createWebHistory, RouteLocationRaw, RouteRecordRaw } from
 import authPromise from '../common/auth';
 import backend from '../common/backend';
 import { baseURL } from '../common/config';
-import { BrowserKeys } from '../common/crypto';
+import userdata from '../common/userdata';
 import AdminSettings from '../components/AdminSettings.vue';
 import AuditLog from '../components/AuditLog.vue';
 import AuthenticatedMain from '../components/AuthenticatedMain.vue';
@@ -162,16 +162,16 @@ router.beforeEach(async (to) => {
   if (to.meta.skipSetup) {
     return;
   }
-  const me = await backend.users.me(true);
-  if (!me.publicKey) {
+  const me = await userdata.me;
+  if (!me.setupCode) {
     return { path: '/app/setup' };
   }
-  const browserKeys = await BrowserKeys.load(me.id);
+  const browserKeys = await userdata.browserKeys;
   if (!browserKeys) {
     return { path: '/app/setup' };
   }
-  const browserId = await browserKeys.id();
-  if (me.devices.find(d => d.id == browserId) == null) {
+  const browser = await userdata.browser;
+  if (!browser) {
     return { path: '/app/setup' };
   }
 });
diff --git a/frontend/test/common/crypto.spec.ts b/frontend/test/common/crypto.spec.ts
index 8b7bd397f..785962f50 100644
--- a/frontend/test/common/crypto.spec.ts
+++ b/frontend/test/common/crypto.spec.ts
@@ -31,7 +31,7 @@ const bobPrivate: JsonWebKey = {
 };
 
 describe('crypto', () => {
-  let alice: CryptoKeyPair, bob: CryptoKeyPair;
+  let aliceEcdh: CryptoKeyPair, aliceEcdsa: CryptoKeyPair, bobEcdh: CryptoKeyPair;
 
   before(async () => {
     // since this test runs on Node, we need to replace window.crypto:
@@ -41,12 +41,16 @@ describe('crypto', () => {
 
     // prepare some test key pairs:
     let ecdhP384: EcKeyImportParams = { name: 'ECDH', namedCurve: 'P-384' };
-    const alicePrv = crypto.subtle.importKey('jwk', alicePrivate, ecdhP384, true, ['deriveKey']);
-    const alicePub = crypto.subtle.importKey('jwk', alicePublic, ecdhP384, true, []);
-    const bobPrv = crypto.subtle.importKey('jwk', bobPrivate, ecdhP384, true, ['deriveKey']);
-    const bobPub = crypto.subtle.importKey('jwk', bobPublic, ecdhP384, true, []);
-    alice = { privateKey: await alicePrv, publicKey: await alicePub };
-    bob = { privateKey: await bobPrv, publicKey: await bobPub };
+    let ecdsaP384: EcKeyImportParams = { name: 'ECDSA', namedCurve: 'P-384' };
+    const aliceEcdhPrv = crypto.subtle.importKey('jwk', alicePrivate, ecdhP384, true, ['deriveKey', 'deriveBits']);
+    const aliceEcdhPub = crypto.subtle.importKey('jwk', alicePublic, ecdhP384, true, []);
+    const aliceEcdsaPrv = crypto.subtle.importKey('jwk', alicePrivate, ecdsaP384, true, ['sign']);
+    const aliceEcdsaPub = crypto.subtle.importKey('jwk', alicePublic, ecdsaP384, true, []);
+    const bobEcdhPrv = crypto.subtle.importKey('jwk', bobPrivate, ecdhP384, true, ['deriveKey', 'deriveBits']);
+    const bobEcdhPub = crypto.subtle.importKey('jwk', bobPublic, ecdhP384, true, []);
+    aliceEcdh = { privateKey: await aliceEcdhPrv, publicKey: await aliceEcdhPub };
+    aliceEcdsa = { privateKey: await aliceEcdsaPrv, publicKey: await aliceEcdsaPub };
+    bobEcdh = { privateKey: await bobEcdhPrv, publicKey: await bobEcdhPub };
   });
 
   describe('VaultKeys', () => {
@@ -154,44 +158,66 @@ describe('crypto', () => {
       expect(orig).to.be.not.null;
     });
 
+    it('decrypt with device key', async () => {
+      const jwe = 'eyJhbGciOiJFQ0RILUVTIiwiZW5jIjoiQTI1NkdDTSIsImVwayI6eyJrZXlfb3BzIjpbXSwiZXh0Ijp0cnVlLCJrdHkiOiJFQyIsIngiOiJiOTJEU0EwOW1FcW53cVBsMTBKdlhiV3BzRllHbndoclVkd21BYWFrdTB3SGdmNGotUzJVNnlLZ2hjU1VRX2RlIiwieSI6ImV0b21LamxCUzc3MmJ1OEFDdmlEX3VGZ2FNNkQyWG9ZR0xTNkkzNTRWXzVvZ3d0akNZNlZjX1h0Z3IzOWhMZ3QiLCJjcnYiOiJQLTM4NCJ9LCJhcHUiOiIiLCJhcHYiOiIifQ..hQyVi7d-S5Qr3z3W.k3Vo14FFoE2vH1tVD16ErYkCcIDqyPxzcO4Snfn9HFNswYchpFsK0jZFREZnJUaaVxX44oPou16uNDCHZoahwNqJfBC6oTN950al9VeP8kufqt7yABavN4pmPSFi_zSZBaJAkMgtOK23UW5bILRx-EjdhXfBZ-BEu1tzsbZV0sDMrAdP3VdMlRV3JYUgokTMJBhY6EzvAK8qO5QBfkQ5VomJW8Ju59Gt1LJAKwKPN36f3WSu8A3xYxSgQXJMh-qcsHvEA4O31gvmAFBeNKNm2ovZNAwizQrQGPFPfBF269_2YK_YSxpWk5-o5SITFUBcCVq8jBVXLZhfmqDWubbmTcS9nRF-UtuVuvMy_bIjg-4KcCQyLSPKoPw9e3tKs6t4KzKu4DB9Qfo8TSp2L1UpZETKD9HExgi1RLdBJEMCydrdPVPjBrMjQvkeEyMLFUeZ3xXXdspPeJN60QskqVdLaF9S0Xx8W8eHhv4DA6nnEEWn_IeS4K1IBhJ3DkDVVZJiQdTANHlkVgZagGzErP0aLwtgbZUHPiMr1bFw81veQxAK2FxsyDgkFaX6rW2eJl6Y2TTDpBCUY9Fj42Q8pFejnrvBvoDDOI_aB9n-2pGcK_nTzntP2aV5InNu5voBYEUJeJjpfwhoTsg_vzfU3zea1CpM3RC_FyuY1mze6PEdL3jR5S6xC4BrGfABKBKNA33XC4rh7ddLkeX-fRFj6MPXzOZOkeDHECbBC_aIutjYVVhWnuQQONLmpBPhzmaCTzztEnZ5f-YGGqTBOQj3cuuGCA7pAjqBei5bgqhOW3spHuB3XM3Ays4nyAc0DgkDtpa0FP2Sp70hT7loCVfjWGZWbuBVuIuChYDVtQgQmZ0gTqES1cRJGhx_HbxoEycZKmKPHdEZEtDOXNNyzjJ7XKugeW4xumcJvAIF5VpXyBoR4AL2Qmb2P-VSzDtNoeGL070Cr55Ux9vJvVZlXWWR6pTqjzLtJcQV9cvDHznogaRtERXqL5zcPTveorUOb4pM5UpCH07qUHQtFPW6eLyMorGBrSuSJJi831idR26o.h6xiowYII-lLOZ8YM32bng';
+
+      const decrypted = await UserKeys.decryptOnBrowser(jwe, bobEcdh.privateKey, aliceEcdh.publicKey, aliceEcdsa.publicKey);
+
+      expect(decrypted).to.be.not.null;
+    });
+
+    it('recover() with setup code', async () => {
+      const jwe = 'eyJhbGciOiJQQkVTMi1IUzUxMitBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIiwicDJzIjoibUJ6Q3dkQVpDVEdJcm8tZlppYkJzZyIsInAyYyI6MTAwMCwiYXB1IjoiIiwiYXB2IjoiIn0.aJQ8SpBAc8-Qj7e2nHcBrXjUg1ffYr-yYzObbhLfP9zIS6xDb_QhGA.h3kS7p9X3kwN0hNN.MXYK5F62aELyVyiiixvdtF5qc2b8hVj1o5pLgmd-pZy5Kw5KDW3QUtpfGM5NdMNSlCJjg7ffTt0oBpD67jIatN2PhqJ9A_G_n-UleYDwSv_c-GLqEuJW7gYm-dydigqjZVQsQWdTiVPaO_USqrPkW7fBm0jG7ibIO4tq23tszbzIFWjrZgUwB9UrBWLzoreBci9zK8iSKZyjSJl75IVBzoVPDGEMukGf-Vie1gHrcLy7OaJ-0_K5Ncwq2-YuDhtIvuq5fpE06RYAFotRPsObmcDGz4BzjTRjSgbbjWBZF0n2rwkpnTOUodkUvvWSfPL7se8-6hke9wNC7YV0rleeiTkRrRUl5wFTce4ahH_paIGMA0sJXV4B6rbb2XV_j9s54edER869jG5m5Vzo4T4HYkmBLXT5JqAvEq4cR6YmBVlZ8REVI2TxXoh56Lb9Z6bEBp2GRKy9jgOcka2xGS6S5rh3sNcfyXjcBJXR4p4yNf8ksxLEQmR2Dt46xKGkqEiTt5uYSCx0HAUyYksr7nWmUkhNQZJwswDfyMGNqIYo6ZRY4gWk9b-GG9-qm27eBl_7oXE8IvWV9mPSiNZgwUcUc2nw35Oj0s9q99xMjJ4sQxPMlKmtz2_1OfN4oXZnb36660Gr3R-txvhML4GucWEe7WgdJlgrLduJxvEnv0Nf6lacdb7se592AlqGpQegfWUWwD3DRSeha7wb0aeqyNXSP7B4aBrd4eLVKsvNUjGeJ6Riy8-5tPFhIh7x7OXXqh8dUyHF9k_fpnbXjT2Ljq5Jn2jLvBUC7HX-ixtGK9Q5GoIg2IDG6-zglcpvLFLaJgZ8-_XIPTG6dHv8u-ST3vHXZeKE4mbkmXgVCsov11OUtT2H1pd79FKUzmGuWHSIAHGnjqsrcLXaqQ5nVF3c0MIt5U0Q6rLeBindcKQ6j648j-7B9mkjedD6_fTNROsK9gBQQ6hefTjCLJT6TPLMbCiR91UYB4YJ1TsNV37WiQgac-R3NCQnj0lG6hpfFLH5TWZ7Q1_7guUZnzhLSbsa36weO4h9fNdur4S6oI5I.4xnbrXWQgQgNV-pFmCQtag';
+
+      const recovered = await UserKeys.recover(jwe, 'foo', aliceEcdh.publicKey, aliceEcdsa.publicKey);
+
+      expect(recovered).to.be.not.null;
+    });
+
     describe('After creating new key material', () => {
       let userKeys: UserKeys;
 
       beforeEach(async () => {
-        userKeys = new TestUserKeys(alice);
+        userKeys = new TestUserKeys(aliceEcdh, aliceEcdsa);
       });
 
       it('encryptForDevice() creates JWE', async () => {
-        const deviceKey = bob;
+        const deviceKey = bobEcdh;
         const jwe = await userKeys.encryptForDevice(deviceKey.publicKey);
 
         expect(jwe).to.be.not.null;
       });
+
+      it('encryptWithSetupCode() creates JWE', async () => {
+        const jwe = await userKeys.encryptWithSetupCode('foo', 1000);
+
+        expect(jwe).to.be.not.null;
+      });
     });
   });
 
   // base64-encoded test key pairs for use in other implementations (Java, Swift, ...)
   describe('Test Key Pairs', () => {
     it('alice private key (PKCS8)', async () => {
-      const bytes = new Uint8Array(await crypto.subtle.exportKey('pkcs8', alice.privateKey));
+      const bytes = new Uint8Array(await crypto.subtle.exportKey('pkcs8', aliceEcdh.privateKey));
       const encoded = base64.stringify(bytes);
       expect(encoded).to.eq('MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDDCi4K1Ts3DgTz/ufkLX7EGMHjGpJv+WJmFgyzLwwaDFSfLpDw0Kgf3FKK+LAsV8r+hZANiAARLOtFebIjxVYUmDV09Q1sVxz2Nm+NkR8fu6UojVSRcCW13tEZatx8XGrIY9zC7oBCEdRqDc68PMSvS5RA0Pg9cdBNc/kgMZ1iEmEv5YsqOcaNADDSs0bLlXb35pX7Kx5Y=');
     });
 
     it('alice public key (SPKI)', async () => {
-      const bytes = new Uint8Array(await crypto.subtle.exportKey('spki', alice.publicKey));
+      const bytes = new Uint8Array(await crypto.subtle.exportKey('spki', aliceEcdh.publicKey));
       const encoded = base64.stringify(bytes);
       expect(encoded).to.eq('MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAESzrRXmyI8VWFJg1dPUNbFcc9jZvjZEfH7ulKI1UkXAltd7RGWrcfFxqyGPcwu6AQhHUag3OvDzEr0uUQND4PXHQTXP5IDGdYhJhL+WLKjnGjQAw0rNGy5V29+aV+yseW');
     });
 
     it('bob private key (PKCS8)', async () => {
-      const bytes = new Uint8Array(await crypto.subtle.exportKey('pkcs8', bob.privateKey));
+      const bytes = new Uint8Array(await crypto.subtle.exportKey('pkcs8', bobEcdh.privateKey));
       const encoded = base64.stringify(bytes);
       expect(encoded).to.eq('MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB2bmFCWy2p+EbAn8NWS5Om+GA7c5LHhRZb8g2pSMSf0fsd7k7dZDVrnyHFiLdd/YGhZANiAAR6bsjTEdXKWIuu1Bvj6Y8wySlIROy7YpmVZTY128ItovCD8pcR4PnFljvAIb2MshCdr1alX4g6cgDOqcTeREiObcSfucOU9Ry1pJ/GnX6KA0eSljrk6rxjSDos8aiZ6Mg=');
     });
 
     it('bob public key (SPKI)', async () => {
-      const bytes = new Uint8Array(await crypto.subtle.exportKey('spki', bob.publicKey));
+      const bytes = new Uint8Array(await crypto.subtle.exportKey('spki', bobEcdh.publicKey));
       const encoded = base64.stringify(bytes);
       expect(encoded).to.eq('MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEem7I0xHVyliLrtQb4+mPMMkpSETsu2KZlWU2NdvCLaLwg/KXEeD5xZY7wCG9jLIQna9WpV+IOnIAzqnE3kRIjm3En7nDlPUctaSfxp1+igNHkpY65Oq8Y0g6LPGomejI');
     });
@@ -239,7 +265,7 @@ class TestVaultKeys extends VaultKeys {
 }
 
 class TestUserKeys extends UserKeys {
-  constructor(keypair: CryptoKeyPair) {
-    super(keypair);
+  public constructor(ecdhKeyPair: CryptoKeyPair, ecdsaKeyPair: CryptoKeyPair) {
+    super(ecdhKeyPair, ecdsaKeyPair);
   }
 }