Passphrases are case sensitive, for example the sender might have encrypted all in lower case but inadvertently texted you
the Passphrase making the first letter a capital, check with the sender of message if your passphrase is rejected.
We use AES 256 Symmetric encryption from the
OpenPGP.js library,
All encryption / decryption happens in the browser, not on the server; this is the definition of
"end to end encryption",
Your Passphrase or Password is never transmitted to the server.
A AES 256
hash of your Passphrase is transmitted to the server and compared with a stored hash to verify your access
to the encrypted file. Once you are authenticated, the encrypted file is retrieved and shown in the browser.
The hash is a one way process, it cannot be reversed to obtain the Passphrase. Because we don't store your Passphrase / password
we cannot help if you forget it.
Encrypted files are stored using
amazon S3 and are inaccessible without a key.
A temporary key is created to obtain the file useing the latest recommended method -
Amazon S3 Signature Version 4 Authentication
to protect your files, which are always encrypted by the sender in the browser before sending.