Security & Privacy
CryptDrop is designed so that your sensitive data never has to leave your device. Here's exactly what stays local and what reaches the network.
What stays on your device
These operations happen entirely in your browser. No data is sent to CryptDrop or any other server. Even if someone intercepted your network traffic, they would see none of this.
Key generation
Your private and public keys are generated using Curve25519 via OpenPGP.js, entirely in your browser. The private key is protected with your passphrase before it ever touches storage.
File encryption & decryption
Files are encrypted and decrypted using AES-256 inside your browser tab. Plaintext file data is never written to disk, sent over the network, or stored anywhere outside of temporary browser memory.
Digital signatures
When you sign a file, your private key creates the signature locally. When you verify a signature, the check happens locally too. No server is involved.
Private key storage
If you choose "Remember this key", the passphrase-encrypted private key is saved to your browser's IndexedDB. It never leaves your device. Without your passphrase, the stored key is unreadable.
Contact address book
Saved contacts (names, emails, public keys) are stored in your browser's localStorage. This data stays on your device and is never synced or uploaded.
Activity history
The history of your encrypt/decrypt operations is stored in localStorage. It includes filenames, sizes, and recipient emails — but never file contents. You can clear it at any time, or enable auto-clear on tab close.
What reaches the cloud
CryptDrop makes exactly three types of network request, all to the same destination: the keys.openpgp.org public keyserver. Nothing else leaves your browser.
Public key lookup
When you look up a recipient by email, CryptDrop sends that email address to the keys.openpgp.org keyserver to fetch their public key. Only the email is sent — no files, no private keys, no other data.
Public key publishing
If you choose to publish your public key, the armored public key text is uploaded to keys.openpgp.org so others can find you. Your private key is never included. The keyserver sends a verification email to confirm ownership.
Email verification
After publishing, CryptDrop sends a verification request to the keyserver so it can email you a confirmation link. Only the token and email address are sent.
What is never transmitted
The following data never leaves your browser under any circumstances. There is no mechanism in CryptDrop to send this data, and the Content Security Policy blocks outbound connections to all domains except keys.openpgp.org.
How CryptDrop hardens your security
Beyond the encryption itself, multiple layers of protection are built into the app to minimize attack surface and protect your data.
Content Security Policy
A strict CSP header blocks all outbound connections except to keys.openpgp.org. Inline scripts are locked to specific SHA-256 hashes. This prevents cross-site scripting (XSS) attacks from exfiltrating your data.
Modern cryptography
Keys use Curve25519 (Ed25519 for signing, X25519 for encryption) via OpenPGP.js 6.x. Symmetric encryption uses AES-256. These are the same algorithms recommended by NIST and used by Signal.
Passphrase protection
Private keys are encrypted with your passphrase before storage. Passphrases must be at least 12 characters and meet a minimum strength score. They are never stored — only held in memory during key operations, then cleared.
Decrypted file auto-clear
After decryption, plaintext file data is held in memory only long enough for you to download it. A 5-minute timer automatically clears the decrypted content from browser memory.
Filename sanitization
Filenames embedded in encrypted files are sanitized on decryption to prevent path traversal attacks. Control characters, directory separators, and excessive lengths are stripped.
Keyserver response validation
When looking up a public key by email, CryptDrop verifies that the returned key actually contains a matching email in its user ID. This prevents CryptDrop from accepting a wrong or malicious key returned by the keyserver.
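One way to implement the user ID check described above, as an added example rather than CryptDrop's own code. The function names are hypothetical, the user ID strings are constructed samples of what OpenPGP.js returns from key.getUserIDs(), and lowercasing the whole address before comparing is an assumption. The address is extracted and compared exactly, so user IDs that merely contain the requested email are rejected.

```javascript
// Extract the address from an OpenPGP user ID string. Accepted forms are
// "Name (comment) <addr>" and a bare "addr". Returns null for anything else.
function emailFromUserID(userID) {
  const trimmed = userID.trim();
  const open = trimmed.lastIndexOf('<');
  let addr = trimmed;
  if (open !== -1) {
    // Bracket form: the address must be the final <...> token, nothing after it.
    if (!trimmed.endsWith('>')) return null;
    addr = trimmed.slice(open + 1, -1);
  }
  // Exactly one "@"; no whitespace, angle brackets or control characters.
  if (!/^[^\s<>@\x00-\x1f]+@[^\s<>@\x00-\x1f]+$/.test(addr)) return null;
  return addr;
}

// Assumption of this example: addresses are compared case-insensitively.
function normalizeEmail(addr) {
  return addr.trim().normalize('NFC').toLowerCase();
}

// True only if at least one user ID carries exactly the requested address.
function keyMatchesEmail(userIDs, requestedEmail) {
  const wanted = normalizeEmail(requestedEmail);
  return userIDs.some((uid) => {
    const addr = emailFromUserID(uid);
    return addr !== null && normalizeEmail(addr) === wanted;
  });
}

// Constructed sample user IDs (not real keys), all checked against one lookup.
const REQUESTED = 'alice@example.com';
const SAMPLES = [
  'Alice Example <alice@example.com>',         // genuine match
  'Alice <Alice@Example.COM>',                 // match after normalization
  'malice@example.com',                        // substring only: reject
  'alice@example.com <mallory@evil.example>',  // requested email used as a name: reject
  'Mallory <alice@example.com.evil.example>',  // look-alike domain suffix: reject
];

for (const uid of SAMPLES) {
  const verdict = keyMatchesEmail([uid], REQUESTED) ? 'accept' : 'reject';
  console.log(`${verdict}: ${uid}`);
}
```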
Security headers
The site sets HSTS with 2-year preload, X-Frame-Options: DENY, Cross-Origin-Opener-Policy, and Referrer-Policy: no-referrer. These headers prevent clickjacking, cross-origin attacks, and referrer leakage.
No tracking or analytics
CryptDrop has no analytics scripts, no tracking pixels, no cookies, and no third-party resources. The site loads only its own assets and connects only to keys.openpgp.org when you explicitly request it.
Don't take our word for it
CryptDrop is built on OpenPGP.js, a widely audited open-source encryption library. The app itself is a static site with no backend — you can inspect the source code, read the network requests in your browser's DevTools, and verify every claim on this page yourself.