Home How it works FAQ
HOW IT WORKS

Your image.
Always encrypted.

Scroll to walk through the 6 steps. Nothing leaves your browser unencrypted.

1 / 8
01

Pick your image

Drop, browse, or Ctrl+V from clipboard. Supports PNG, JPEG, GIF, WebP, BMP, TIFF, ICO. Up to 25 MB per file.

Client-side
02

Key generated in browser

A random 256-bit seed and 96-bit IV are generated via crypto.getRandomValues(). These never leave your device. Ever.

Client-side
03

3 algorithms encrypt locally

AES-256-GCM for authenticated encryption, HKDF-SHA-256 for key derivation from the random seed, and HMAC-SHA-256 (truncated 128-bit) for integrity verification. All three run in your browser via WebCrypto.

Client-side
04

Server adds 4 more layers

Ciphertext is wrapped with server-side AES-256-GCM + HKDF, then 3 PQC algorithms: ML-KEM-1024 (key encapsulation), ML-DSA-87 (signatures), SLH-DSA-SHAKE-256s (hash-based signatures). Hybrid key via HKDF-SHA3-256. Data split with Reed-Solomon 4+2 erasure coding.

Server-side
05

Share link with key fragment

The decryption key lives in the URL # fragment. Fragments are never sent to servers by browsers. Only the full link decrypts.

uploadimages.org/a1b2#E2E1.seed.iv.hmac
Client-side
06

Viewer decrypts in browser

Recipient's browser reads the fragment, fetches the encrypted blob, verifies HMAC, decrypts via AES-256-GCM, and renders. Server never sees the image.

Client-side

❌ Server knows

  • Encrypted blob (random bytes)
  • File size + upload timestamp
  • Hashed uploader IP

✅ Server does NOT know

  • Image content
  • File type or metadata
  • Decryption key
  • Who views the image
8 algorithms total

3 PQC · 4 Classical · 1 Erasure

Hybrid key combines classical AES with PQC ML-KEM via HKDF-SHA3-256. Even if one layer breaks, the other still protects your data.

ML-KEM-1024FIPS 203 · PQC
ML-DSA-87FIPS 204 · PQC
SLH-DSAFIPS 205 · PQC
AES-256-GCMEncryption
HKDF-SHA-256Key derivation
HMAC-SHA-256Integrity
HKDF-SHA3-256Hybrid key
Reed-Solomon 4+2Redundancy
Upload an image