Military-grade security

About encrypt/decrypt files

Learn how SendFilesEncrypted protects your files with zero-knowledge encryption

The Encryption Journey

Your files are protected every step of the way

📄
Your File
Unencrypted
🔐
Your Browser
AES-256 Encryption
🔒
Our Servers
Encrypted Only

Step-by-Step Process

1

You Upload a File

At sendfilesencrypted.com we care about the security of your files and we want your experience sharing files online to be and feel safe.

2

Browser Generates a Key

That is why we have implemented free file encryption functionality.

3

File is Encrypted

All the files that you share in Sendfilesencrypted.com are being encrypted before being uploaded to our servers, this adds a layer of security to each file that you share, preventing any person or threat from accessing them.

4

Encrypted File is Uploaded

In the same way, all your files are decrypted in your browser using the password you provided when uploading them, this ensures that if an attacker accesses your files, they will be fully encrypted.

5

Recipient Downloads

Here is how we encrypt your files before they are uploaded and stored on our servers.

Technical Details

For security experts and the technically curious

🔐

AES-256-GCM

The code breaks your files into multiple small files, each piece is encrypted using the password you used to upload them and a unique code for each group of files, this gives even greater security to your files. After this process each piece of encrypted file is uploaded and stored on our server. This ensures that even we, the developers, cannot access your files.

🔑

PBKDF2 Key Derivation

600,000 iterations transform your password into a secure encryption key, making brute-force attacks computationally infeasible.

🛡️

Zero-Knowledge Architecture

Now I will show you how we decrypt your files.

🔒

TLS Transport

Remember that each original file turned into many pieces of encrypted files, which are the ones that are stored on our server. Each piece is downloaded in the browser and then the password you entered and the unique code of the file block are used to be able to decrypt each piece which will be joined to the many other decrypted pieces of your original file and then create and download the original file.

See the Code

Our encryption implementation is transparent. Here's a simplified version of how we encrypt your files:

encryption.js 
// Derive encryption key from password
async function deriveKey(password, salt) {
  const encoder = new TextEncoder();
  const keyMaterial = await crypto.subtle.importKey(
    'raw',
    encoder.encode(password),
    'PBKDF2',
    false,
    ['deriveBits', 'deriveKey']
  );

  return crypto.subtle.deriveKey(
    {
      name: 'PBKDF2',
      salt: salt,
      iterations: 600000,  // High iteration count
      hash: 'SHA-256'
    },
    keyMaterial,
    { name: 'AES-GCM', length: 256 },
    false,
    ['encrypt', 'decrypt']
  );
}

// Encrypt file data
async function encryptFile(fileData, password) {
  const salt = crypto.getRandomValues(new Uint8Array(16));
  const iv = crypto.getRandomValues(new Uint8Array(12));
  const key = await deriveKey(password, salt);

  const encrypted = await crypto.subtle.encrypt(
    { name: 'AES-GCM', iv: iv },
    key,
    fileData
  );

  return { encrypted, salt, iv };
}

This is a simplified example. Our actual implementation includes additional security measures.

⚠️

Important Security Note

Without the password, it will be impossible for us to decrypt your files and you will get a corrupted file that is impossible to read.

Like what you read?

Send your first encrypted file in seconds. No account required.

Send files encrypted now