Guides/Fundamentals

What is client-side encryption, in plain language

Client-side encryption means the encryption happens on your device, using a key you hold, before the file goes anywhere. A cloud storing your data sees only sealed bytes; a server operator cannot read your files even if they wanted to.

Client-side vs server-side

Server-side encryption means the server holds your key and unlocks the files for you. Convenient, but the operator (and anyone who compels them) can read what's stored.

Client-side encryption keeps the key on your machine. The server holds a locked box it cannot open.

How Elba does client-side encryption

Elba runs entirely inside a browser tab. Your password derives a key with PBKDF2; that key seals your folder with AES-256-GCM. The key never touches disk unencrypted and never leaves the tab.

Questions people actually ask

Is client-side encryption the same as end-to-end?
Client-side is the ingredient; end-to-end is the recipe. Elba is client-side by construction; there is no ‘other end’ because there is no server.
What if I lose my password?
There is no recovery. That's the price of a key nobody else holds.

Take the island

Elba is one HTML file. It runs locally in a Chromium browser, seals a folder with AES-256-GCM, never phones home, and becomes open source on 1 January 2030.

  1. €49MMXXVI· now ·
  2. €39MMXXVII2027
  3. €29MMXXVIII2028
  4. €19MMXXIX2029
  5. FreeMMXXX2030

the price falls each year · free to all 1 jan 2030

pay once · no account · nothing leaves

Related guides