In a method for decrypting persistent user cryptographic keys in a distributed cryptographically secured peer-to-peer filesystem, a primary input value is received from a first user on a first peer device. A symmetric user encryption key UK1 is generated for the first user from the primary input value on the first peer device. An encrypted private key ePrK1 is requested and received from a non-volatile memory of a data persistence server using the first peer device. The encrypted private key ePrK1 is decrypted using the symmetric user encryption key UK1 using a symmetric decryption algorithm on the first peer device, producing a private key PrK1=ESUK1−1(ePrK1). The private key PrK1 is used to reconstruct a distributed file.