How does this service work?

This page allows you to share a secret through a secret sharing link.
The secret is stored in the secret sharing link and not on the server.
A secret sharing link can only be used once.

Short description of this service.

This secret sharing service is based on GPG encryption. When creating a new secret sharing link, the secret itself is encrypted via GPG. The result of the GPG encryption is armored and prepended with the URL of this website. When the secret sharing link is called, the armored GPG message is decrypted and the result of the decryption is displayed on the website. Additionally, the fingerprint of the armored GPG message is stored in a database to prevent it from being displayed more than once.

You can build your own secret sharing link by using the secret sharing form we provide for your convenience.

Short description of the password-protection feature.

When using the password-protection feature, the secret is encrypted locally using the AES algorithm in GCM mode. The encryption key is derived from the entered password and a dynamically generated salt using the PBKDF2 algorithm. The dynamically generated salt is prepended to the encrypted secret. The password-protection feature is implemented using client-side JavaScript. Please beware that a compromised server may serve you JavaScript code that defeats the purpose of the local encryption. If you do not trust the server that provides the secret sharing service, then encrypt your secret with a locally installed application before sharing it.