Guides/AES-256-GCM

AES-256-GCM, explained without a maths degree

AES-256-GCM is the encryption primitive Elba uses. It is the same algorithm banks, messaging apps, and TLS use for the actual scrambling. Here it is in plain terms.

What each part means

AES is the algorithm — Advanced Encryption Standard, adopted by the US government in 2001 and unbroken since. 256 is the key length in bits — a very large number, chosen for a very large margin of safety. GCM is the mode — the wrapper that also detects tampering, not just scrambles.

Why GCM specifically

GCM (Galois/Counter Mode) gives you both confidentiality (nobody can read it) and authenticity (nobody can change it without you noticing). Older modes gave you only the first.

What AES-256-GCM does not do

It does not hide that a file exists. It does not protect against a keystroke logger reading your password. It does not save you if you forget the password. Elba's manual covers the honest edges.

Questions people actually ask

Is AES-256-GCM enough for personal files?
Yes, comfortably. It is the standard modern cloud providers use themselves.
How is the key derived from a password?
PBKDF2 with a per-folder salt, using many iterations to slow brute-force attempts.

Take the island

Elba is one HTML file. It runs locally in a Chromium browser, seals a folder with AES-256-GCM, never phones home, and becomes open source on 1 January 2030.

  1. €49MMXXVI· now ·
  2. €39MMXXVII2027
  3. €29MMXXVIII2028
  4. €19MMXXIX2029
  5. FreeMMXXX2030

the price falls each year · free to all 1 jan 2030

pay once · no account · nothing leaves

Related guides