How Ghost Share Keeps Your Files Secure
The Core Idea: Encryption Happens On Your Device
Think of Ghost Share like a super-secure digital courier. Before you even send a file, it gets locked tight right inside your web browser using powerful encryption keys that only you control. We use a top-tier, industry-standard encryption method called AES-256-GCM for this. Not only does this strong algorithm lock your files incredibly securely, but the 'GCM' part also checks, whenever a file is decrypted, that it hasn't been tampered with since it was encrypted, providing both confidentiality and integrity.
Imagine writing in a diary, locking it with a unique key, and *then* putting it in the mail. Even if someone intercepts the mail, they can't read the diary without your specific key. Ghost Share works similarly – your files are locked *before* they are uploaded to our servers.
Zero-Knowledge: We Can't See Your Secrets
This is crucial: Because your files are encrypted on *your* device before upload, our servers only ever store the scrambled, unreadable version. We literally have *no way* to decrypt or view your original files. This is often called "Zero-Knowledge" encryption.
Your privacy is paramount. We designed the system so that even we, the service providers, cannot access the content you store.
Your Keys, Your Control: Login vs. Master Vault Password
You have two important passwords in Ghost Share, and understanding the difference is key to understanding your security:
- Login Password: This is what you use to sign in to your account. It verifies your identity with our servers. We protect this password on our end using a strong hashing method (bcrypt), but it has *nothing* to do with encrypting or decrypting your actual files.
- Master Vault Password: This is your super-secret encryption key. It's used *only on your device* (your computer or phone) to unlock your encrypted "vault". This password is NEVER sent to our servers. We never see it, store it, or have access to it. When you enter it, your browser uses a special, computationally intensive process called PBKDF2 (Password-Based Key Derivation Function 2) with a very high number of iterations (over 100,000 rounds) to derive your unique Master Encryption Key. This makes it extremely slow and difficult for attackers to guess, even if they had unlimited tries or specialized hardware. It's designed to resist brute-force attacks.
Important: Because we never know your Master Vault Password, we cannot recover it for you if you forget it. Treat it like the key to a physical vault – keep it safe and secure!
How Your Files Are Protected: A Multi-Layered Approach
It's not just one lock; it's a system of keys working together:
- Your Master Vault Password (which you remember and never leaves your device).
- This password unlocks your main Vault Key (which is stored encrypted on our servers, useless without your Master Vault Password).
- Every single file you upload gets its *own* unique, randomly generated File Key (using AES-256-GCM). Think of it like giving each document a unique padlock.
- This File Key is then encrypted using your main Vault Key before the file (already encrypted with its own File Key) is sent to our servers.
This multi-key approach means maximum security. Even if someone could somehow bypass one layer (which is incredibly difficult), they'd still be faced with others. Accessing one encrypted file gives no information about how to decrypt any others.
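The key chain described above, as an added example that is not Ghost Share's own code: a password-derived key unwraps the Vault Key, which unwraps a per-file File Key, which decrypts the file. It uses Node.js's built-in crypto module in place of the browser's Web Crypto API; the salt, the PBKDF2 hash (SHA-256), the iteration count of 150,000, the function names and the nonce/tag/ciphertext layout are assumptions.

```javascript
// Added example, not Ghost Share's code. Node's crypto stands in for Web Crypto.
const nodeCrypto = require('node:crypto');

const PBKDF2_ITERATIONS = 150000; // assumed; the page only says "over 100,000"

// AES-256-GCM encrypt. Output layout (assumed): nonce(12) | tag(16) | ciphertext.
function seal(key, plaintext) {
  const nonce = nodeCrypto.randomBytes(12); // fresh nonce for every encryption
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

// AES-256-GCM decrypt. Throws if the key is wrong or any byte was modified.
function unseal(key, blob) {
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]);
}

// Master Vault Password -> Master Encryption Key (salt and SHA-256 are assumed).
function deriveMasterKey(password, salt) {
  return nodeCrypto.pbkdf2Sync(password, salt, PBKDF2_ITERATIONS, 32, 'sha256');
}

// Runs once on the device; the returned record is all the server would store.
function createVault(password) {
  const salt = nodeCrypto.randomBytes(16);
  const vaultKey = nodeCrypto.randomBytes(32);
  return { salt, wrappedVaultKey: seal(deriveMasterKey(password, salt), vaultKey) };
}

// Recovers the Vault Key on the device; fails on a wrong password.
function unlockVault(password, vault) {
  return unseal(deriveMasterKey(password, vault.salt), vault.wrappedVaultKey);
}

// Each file gets its own random File Key, itself wrapped under the Vault Key.
function encryptFile(vaultKey, fileBytes) {
  const fileKey = nodeCrypto.randomBytes(32);
  return { wrappedFileKey: seal(vaultKey, fileKey), encryptedFile: seal(fileKey, fileBytes) };
}

// Unwraps the File Key with the Vault Key, then decrypts and authenticates the file.
function decryptFile(vaultKey, record) {
  const fileKey = unseal(vaultKey, record.wrappedFileKey);
  return unseal(fileKey, record.encryptedFile);
}
```

A wrong password or a single flipped byte in any stored blob makes `unseal` throw instead of returning altered plaintext, which is the integrity property GCM provides.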
Secure Sharing, End-to-End
Sharing is designed to be just as secure, maintaining the zero-knowledge principle:
- Sharing with Users: When you share with another Ghost Share user, we use a clever cryptographic handshake method called ECDH (Elliptic Curve Diffie-Hellman) behind the scenes. This allows your device and the recipient's device to securely agree on a shared secret key without ever exposing it over the network. This secret key is then used to encrypt the specific File Key for the shared file, allowing only the intended recipient to decrypt it. Our servers only pass along the encrypted data; they never see the shared secret or the File Key.
- Sharing via Link: A similar secure exchange happens when creating a share link. However, the final piece of the secret needed to decrypt the File Key is embedded directly in the link itself, specifically in the part after the '#' symbol (the URL fragment). Browsers don't send this fragment part to servers, so the complete decryption secret never even touches our infrastructure, ensuring end-to-end encryption even for link-based shares.
Your security and privacy are our absolute top priorities. By employing strong, industry-standard algorithms like AES-256-GCM, PBKDF2, and ECDH, combined with multi-layered encryption performed directly on your device and ensuring we maintain zero knowledge of your sensitive information and Master Vault Password, Ghost Share provides a truly secure and private way to store and share your files.