Securely share sensitive information with end-to-end encryption. Your message is encrypted on your device, stored safely on the server, and decrypted only by the recipient.
How It Works
This application uses **end-to-end encryption** to secure your messages. The encryption and decryption process is handled entirely on your device, ensuring that the server never sees or processes unencrypted data.
- Encryption on the Client: When you write a message and click the "Generate Secure Link" button, the message is encrypted directly in your browser using AES (Advanced Encryption Standard). A random encryption key is generated locally and used to encrypt the message.
- Secure Storage: The encrypted message (ciphertext) is sent to the server via an API call and stored in a secure database. The encryption key is never sent to the server, ensuring that even if the server is compromised, your message remains unreadable.
- Decryption on the Client: When the recipient accesses the generated link, the ciphertext is retrieved from the server. The encryption key, embedded in the link after the `#` (fragment), is used to decrypt the message in the recipient's browser. This ensures that the message remains secure throughout its journey.
- One-Time Retrieval: For additional security, the server deletes the encrypted message after it has been retrieved once, preventing reuse or unauthorized access.
This approach guarantees that your sensitive information stays confidential, even in the event of a server breach. By combining client-side encryption with one-time retrieval, this system ensures that only the intended recipient can read the message.