AES-256-GCM
Military-grade encryption for all files. Same standard used by governments worldwide.
Argon2id
Memory-hard key derivation. Resistant to GPU and ASIC brute-force attacks.
Zero Knowledge
We never see your password, username, or file contents. Mathematically impossible.
Client-Side
All encryption happens in your browser. Data is encrypted before it ever leaves your device.
🏗️ Architecture Overview
Delete Upon Death uses a zero-knowledge architecture. This means our servers store only encrypted data that we cannot read. Here's how it works:
```
// What happens on YOUR device:
1. You enter username + password
2. Username → hashed with Argon2id → becomes account_id
3. Password → derived with Argon2id → becomes master_key
4. Your files → encrypted with master_key → becomes encrypted_blob

// What we store on our servers:
account_id      ← cannot be reversed to username
encrypted_blob  ← cannot be decrypted without your password

// What we NEVER receive:
username         ← never transmitted
password         ← never transmitted
master_key       ← never transmitted
plaintext files  ← never transmitted
```
Cryptographic Algorithms
We use industry-standard, well-audited cryptographic algorithms:
| Purpose | Algorithm | Parameters |
|---|---|---|
| Username hashing | Argon2id | 64MB memory, 3 iterations, 4 threads |
| Master key derivation | Argon2id | 64MB memory, 3 iterations, 4 threads |
| File encryption | AES-256-GCM | 256-bit key, 96-bit nonce, 128-bit auth tag |
| Metadata encryption | AES-256-GCM | 256-bit key, 96-bit nonce, 128-bit auth tag |
| Random generation | CSPRNG | Web Crypto API / OS entropy |
Why These Choices?
- Argon2id — Winner of the Password Hashing Competition. Resistant to GPU/ASIC attacks due to memory-hardness. The "id" variant protects against both side-channel and GPU attacks.
- AES-256-GCM — Authenticated encryption providing both confidentiality and integrity. Used by TLS 1.3, government agencies, and security-critical applications worldwide.
- Per-file keys — Each file has its own random encryption key. Even if one key were somehow compromised, other files remain protected.
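The architecture overview and the per-file keys point above can be combined into one flow, sketched here as an added example that is not Delete Upon Death's own code. It assumes each random file key is wrapped under `master_key` (the page does not spell this out), uses Node's `crypto` module in place of the browser Web Crypto API, and substitutes random bytes for the Argon2id output; `seal`, `unseal`, `encryptFile` and `decryptFile` are hypothetical names.

```javascript
const nodeCrypto = require('node:crypto');

// AES-256-GCM with the page's parameters: 256-bit key, 96-bit nonce, 128-bit tag.
// Blob layout nonce || ciphertext || tag is an assumption of this example.
function seal(key, plaintext, aad) {
  const nonce = nodeCrypto.randomBytes(12); // fresh random nonce for every call
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce, { authTagLength: 16 });
  c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, ct, c.getAuthTag()]);
}

function unseal(key, blob, aad) {
  if (blob.length < 12 + 16) throw new Error('blob too short');
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12),
    { authTagLength: 16 });
  d.setAAD(aad);
  d.setAuthTag(blob.subarray(blob.length - 16));
  // final() throws if the key, AAD, nonce, ciphertext or tag do not match.
  return Buffer.concat([d.update(blob.subarray(12, blob.length - 16)), d.final()]);
}

// Encrypt a file under its own random key, then wrap that key under master_key.
// The file id is bound as associated data so blobs cannot be swapped between files.
function encryptFile(masterKey, fileId, plaintext) {
  const fileKey = nodeCrypto.randomBytes(32);
  const aad = Buffer.from(fileId, 'utf8');
  return { fileId, wrappedKey: seal(masterKey, fileKey, aad), data: seal(fileKey, plaintext, aad) };
}

function decryptFile(masterKey, record) {
  const aad = Buffer.from(record.fileId, 'utf8');
  const fileKey = unseal(masterKey, record.wrappedKey, aad);
  return unseal(fileKey, record.data, aad);
}

// Constructed sample: random bytes stand in for the Argon2id-derived master_key.
const masterKey = nodeCrypto.randomBytes(32);
const record = encryptFile(masterKey, 'file-0001', Buffer.from('constructed sample file'));
console.log(decryptFile(masterKey, record).toString());
```

A server holding only `wrappedKey` and `data` can neither read nor silently modify a file: any change to either blob, or to the file id they are bound to, makes decryption throw instead of returning altered plaintext.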
Threat Model
Security is about trade-offs. Here's what we protect against — and what we don't:
✓ Server Breach
If attackers steal our database, they get encrypted blobs and hashed identifiers. Useless without your password.
✓ Rogue Employee
Our employees cannot access your data. We don't have the keys. Zero-knowledge means zero access.
✓ Legal Subpoena
We can only hand over encrypted data. We cannot decrypt it, even if legally compelled.
✓ Post-Mortem Discovery
Your data is permanently deleted upon death. There's nothing left to discover.
✗ Compromised Device
If your computer has malware or a keylogger, attackers could capture your password as you type it.
✗ Password Sharing
If you share your password with someone, they have full access. Don't do this.
✗ Coercion
If someone forces you to reveal your password, we cannot protect you. Consider a duress password feature for future versions.
✗ Weak Password
If you use "password123", brute-force attacks become feasible. Use a strong passphrase.
🏢 Infrastructure Security
- Encryption at rest — All servers use full-disk encryption (in addition to your client-side encryption)
- Encryption in transit — TLS 1.3 for all connections. No legacy protocol support.
- Network isolation — Database and storage are not publicly accessible
- Access logging — All administrative access is logged and audited
- Minimal access — Principle of least privilege for all systems
- Regular updates — Security patches applied promptly
- DDoS protection — Infrastructure-level protection against denial of service
🔍 Security Audits
Independent Verification
Our cryptographic implementation and infrastructure undergo annual third-party security audits. We publish summaries of findings and remediation. Our client-side encryption code is open for inspection.
🐛 Vulnerability Disclosure
We welcome responsible security research. If you discover a vulnerability:
- Email security@deleteupondeath.com
- Include detailed steps to reproduce
- Give us 90 days to fix before public disclosure
- We do not pursue legal action against good-faith researchers
Questions About Our Security?
We're happy to discuss our security architecture in detail.