diff --git a/src/Core/Models/Domain/Attachment.cs b/src/Core/Models/Domain/Attachment.cs
index 1a262eb69..9b9e3704a 100644
--- a/src/Core/Models/Domain/Attachment.cs
+++ b/src/Core/Models/Domain/Attachment.cs
@@ -1,5 +1,7 @@
-using Bit.Core.Models.Data;
+using Bit.Core.Abstractions;
+using Bit.Core.Models.Data;
 using Bit.Core.Models.View;
+using Bit.Core.Utilities;
 using System.Collections.Generic;
 using System.Threading.Tasks;
 
@@ -37,9 +39,21 @@ namespace Bit.Core.Models.Domain
             {
                 "FileName"
             }, orgId);
-
-            // TODO: Decrypt key
-
+            
+            if(Key != null)
+            {
+                var cryptoService = ServiceContainer.Resolve<ICryptoService>("cryptoService");
+                try
+                {
+                    var orgKey = await cryptoService.GetOrgKeyAsync(orgId);
+                    var decValue = await cryptoService.DecryptToBytesAsync(Key, orgKey);
+                    view.Key = new SymmetricCryptoKey(decValue);
+                }
+                catch
+                {
+                    // TODO: error?
+                }
+            }
             return view;
         }
 
diff --git a/src/Core/Models/Domain/CipherString.cs b/src/Core/Models/Domain/CipherString.cs
index 8b0f60f72..cb6c6e2ed 100644
--- a/src/Core/Models/Domain/CipherString.cs
+++ b/src/Core/Models/Domain/CipherString.cs
@@ -1,4 +1,6 @@
-using Bit.Core.Enums;
+using Bit.Core.Abstractions;
+using Bit.Core.Enums;
+using Bit.Core.Utilities;
 using System;
 using System.Threading.Tasks;
 
@@ -14,7 +16,7 @@ namespace Bit.Core.Models.Domain
             {
                 throw new ArgumentNullException(nameof(data));
             }
-            
+
             if(!string.IsNullOrWhiteSpace(iv))
             {
                 EncryptedString = string.Format("{0}.{1}|{2}", (byte)encryptionType, iv, data);
@@ -97,14 +99,24 @@ namespace Bit.Core.Models.Domain
         public string Data { get; private set; }
         public string Mac { get; private set; }
 
-        public Task<string> DecryptAsync(string orgId = null)
+        public async Task<string> DecryptAsync(string orgId = null)
         {
-            if(_decryptedValue == null)
+            if(_decryptedValue != null)
             {
-                // TODO
+                return _decryptedValue;
             }
 
-            return Task.FromResult(_decryptedValue);
+            var cryptoService = ServiceContainer.Resolve<ICryptoService>("cryptoService");
+            try
+            {
+                var orgKey = await cryptoService.GetOrgKeyAsync(orgId);
+                _decryptedValue = await cryptoService.DecryptToUtf8Async(this, orgKey);
+            }
+            catch
+            {
+                _decryptedValue = "[error: cannot decrypt]";
+            }
+            return _decryptedValue;
         }
     }
 }