Guides/Fundamentals
What is client-side encryption, in plain language
Client-side encryption means the encryption happens on your device, using a key you hold, before the file goes anywhere. A cloud storing your data sees only sealed bytes; a server operator cannot read your files even if they wanted to.
Client-side vs server-side
Server-side encryption means the server holds your key and unlocks the files for you. Convenient, but the operator (and anyone who compels them) can read what's stored.
Client-side encryption keeps the key on your machine. The server holds a locked box it cannot open.
How Elba does client-side encryption
Elba runs entirely inside a browser tab. Your password derives a key with PBKDF2; that key seals your folder with AES-256-GCM. The key never touches disk unencrypted and never leaves the tab.
Questions people actually ask
- Is client-side encryption the same as end-to-end?
- Client-side is the ingredient; end-to-end is the recipe. Elba is client-side by construction; there is no ‘other end’ because there is no server.
- What if I lose my password?
- There is no recovery. That's the price of a key nobody else holds.
Take the island
Elba is one HTML file. It runs locally in a Chromium browser, seals a folder with AES-256-GCM, never phones home, and becomes open source on 1 January 2030.
- €49MMXXVI· now ·
- €39MMXXVII2027
- €29MMXXVIII2028
- €19MMXXIX2029
- FreeMMXXX2030
the price falls each year · free to all 1 jan 2030
pay once · no account · nothing leavesRelated guides
- How client-side encryption works, in one page
Client-side encryption means the key never leaves your device. Here's how it works, why it matters, and how Elba applies it.
- Zero-knowledge encryption, explained without jargon
Zero-knowledge means the service can't read your files even if it wanted to. Here's the idea, and how Elba goes one further.