Security Transparency

Exactly how Lockbox protects your data. No hand-waving. No "military-grade" nonsense. Just facts.

Encryption algorithms

AES-256-GCM

All data at rest. NIST-approved. Authenticated encryption prevents tampering.

PBKDF2-SHA256

Master password to key. 600,000 iterations via native C++ (OpenSSL). OWASP standard.

HKDF-SHA512

Derives separate keys for vault, sync, and sharing from one master key.

Envelope Encryption

Each item has its own random key, wrapped by the vault key. Compromise of one item does not expose others.

Key hierarchy

Master Password
  ↓ PBKDF2-SHA256 (600,000 iterations, native)
Master Key
  ├─ HKDF → Vault Key → wraps per-item keys
  ├─ HKDF → Sync Key → encrypts cloud backups
  └─ HKDF → Whisper Key → derives sharing keys

What leaves your device

Action	Data sent	Can we read it?
Normal use	Nothing	N/A
Whisper share	Encrypted ciphertext only	No. Key is in URL fragment.
Cloud sync (optional)	Encrypted blobs to YOUR iCloud/Google Drive	No. Encrypted before upload.

What we cannot do

Even if compelled by a government, subpoena, or court order, we cannot:

Read your passwords, notes, or files
Reset your master password
Decrypt your cloud sync data
Read the contents of your Whisper shares

This is not a policy decision. It is a mathematical impossibility. We do not have the keys.

Our security features

Every feature is built with security first. Here is exactly what protects your data.

AES-256-GCM Encryption

What it does: Every item in your vault is encrypted with AES-256-GCM, the same standard used by banks and governments. GCM mode provides authenticated encryption, meaning it both encrypts and verifies that data has not been tampered with.

Why it matters: Even if someone gains access to your device storage, they see only encrypted data. Without your master password, your vault is unreadable.

PBKDF2-SHA256 Key Derivation (600,000 iterations)

What it does: Your master password is transformed into an encryption key using 600,000 rounds of PBKDF2-SHA256. This runs via native C++ (OpenSSL/CommonCrypto) for consistent performance on both iOS and Android.

Why it matters: 600,000 iterations meets the OWASP 2023 standard. Each brute-force guess costs significant computation time, making password cracking impractical.

Envelope Encryption (Per-Item Keys)

What it does: Each item in your vault is encrypted individually with its own derived key via HKDF-SHA512. A unique random key is generated per item, then wrapped with the vault key.

Why it matters: Compromising one item does not expose any other. This is the same pattern used by AWS KMS and Google Cloud KMS for enterprise data protection.

Runtime protection

Feature	Detail
Clipboard	Auto-cleared after 10 seconds
Auto-lock	Locks when app goes to background
Biometric unlock	Key stored in hardware secure enclave (not software)
Dead Man's Switch	Auto-wipe after 7/14/30 days of inactivity
Rate limiting	Progressive lockouts after 5/10/20 failed attempts

Open source cryptography

We use only proven, well-tested libraries (@noble/ciphers and @noble/hashes). No hand-rolled cryptography. These are widely audited, open-source libraries trusted by thousands of projects.

What about a security audit?

We have not yet completed a formal third-party security audit. We are transparent about this. We use only well-audited, open-source crypto libraries (@noble/ciphers and @noble/hashes). A formal audit will be funded from revenue and the results published here.

Contact

Found a vulnerability? Email security@lockboxnow.app