How SecureNote.link Works
SecureNote uses end-to-end encryption to ensure your sensitive information remains private. Here's how it works:
🔒 Client-Side Encryption
All encryption and decryption happens in your browser using the Web Crypto API. This means:
- Your messages are encrypted before they leave your device
- The server never sees your unencrypted messages
- Only the intended recipient can decrypt the message
🔑 Encryption Process
When you create a note:
- A unique 256-bit AES-GCM encryption key is generated
- Your message is encrypted using this key
- The encrypted data is sent to our servers
- A secure link is created containing the encryption key
🔐 One-Time Access
Each note can only be viewed once because:
- The encrypted data is permanently deleted after being accessed
- Even with the encryption key, the message cannot be retrieved again
- This ensures your secrets remain truly private
🛡️ Security Features
- End-to-End Encryption: Messages are encrypted before they leave your device
- Zero Knowledge: We never have access to your unencrypted messages
- Forward Secrecy: Each message uses a unique encryption key
- Password Protection: Optional password for additional security
- Expiration: Notes automatically expire after 1 hour to 7 days
🔍 Technical Details
SecureNote uses industry-standard cryptographic algorithms:
- Encryption Algorithm: AES-GCM (Galois/Counter Mode)
- Key Size: 256 bits
- IV (Initialization Vector): 96 bits
- Authentication: Built-in message authentication
⚠️ Important Security Notes
Don't share the full URL with anyone you don't trust
The encryption key is in the URL fragment (#) and never sent to our servers
Messages are permanently deleted after being viewed once
Use password protection for additional security