Security Features

José Carrillo edited this page Jun 13, 2026 · 2 revisions

Beyond core AES-256-GCM encryption, Zefer offers optional controls. All of them — except the public hint/note — are sealed inside the encrypted payload, so they cannot be read or tampered with without the passphrase. Each is available in the web app, and most are available from the CLI, MCP Server, and Library.

Expiration (TTL)

Set a deadline after which the file refuses to decrypt. Stored as a UTC timestamp (milliseconds) inside the payload and checked after successful decryption. Web presets (minutes): 0 (never), 30, 60, 1440 (24 h), 10080 (1 week), 20160 (2 weeks). CLI: --ttl <minutes>.

Note: expiration is a client-side policy check enforced at decryption time; the content is always protected by AES-256-GCM regardless.

Dual passphrase (two-person rule)

Require two passphrases to open a file. Both are combined (separator \x00ZEFER_DUAL\x00) before key derivation, so neither alone can derive the key. Useful for two-person authorization. Web: enable dual mode and provide both passphrases. CLI: -2 "second-key" --dual-key. URL: p, p2, d.
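The combination step described above, as an added Node.js example that is not Zefer's own code. The separator is the one documented here; the passphrase order, PBKDF2-HMAC-SHA256 with a 32-byte output, the caller-supplied salt and the NUL rejection are assumptions of this example.

```javascript
// Added example (not Zefer's code): dual-passphrase combination before PBKDF2.
const { pbkdf2Sync } = require('node:crypto');

const DUAL_SEPARATOR = '\x00ZEFER_DUAL\x00'; // separator documented on this page

// Assumption: first passphrase, then separator, then second passphrase.
function combinePassphrases(first, second) {
  if (!first || !second) {
    throw new Error('dual mode needs two non-empty passphrases');
  }
  // Added check (this example's choice, not documented Zefer behaviour):
  // a NUL inside an input lets two different pairs produce the same combined
  // string, e.g. ("x\0ZEFER_DUAL", "y") and ("x", "ZEFER_DUAL\0y").
  if (first.includes('\x00') || second.includes('\x00')) {
    throw new Error('passphrases must not contain NUL bytes');
  }
  return first + DUAL_SEPARATOR + second;
}

// Assumptions: PBKDF2-HMAC-SHA256, 32-byte key for AES-256, caller-supplied salt.
// 600,000 is the "high (default)" level from the iteration table on this page.
function deriveKey(secret, salt, iterations = 600000) {
  return pbkdf2Sync(Buffer.from(secret, 'utf8'), salt, iterations, 32, 'sha256');
}

function deriveDualKey(first, second, salt, iterations) {
  return deriveKey(combinePassphrases(first, second), salt, iterations);
}

// Which candidate inputs reproduce the key derived from ("alpha", "bravo")?
function demo(iterations = 600000) {
  // Constructed fixed salt so the demo is repeatable; real salts are random.
  const salt = Buffer.from('constructed-salt', 'utf8');
  const target = deriveDualKey('alpha', 'bravo', salt, iterations);
  const same = (key) => key.equals(target);
  return {
    bothInOrder: same(deriveDualKey('alpha', 'bravo', salt, iterations)),
    firstOnly: same(deriveKey('alpha', salt, iterations)),
    secondOnly: same(deriveKey('bravo', salt, iterations)),
    swapped: same(deriveDualKey('bravo', 'alpha', salt, iterations)),
    plainConcat: same(deriveKey('alphabravo', salt, iterations)),
    shiftedSplit: same(deriveDualKey('alph', 'abravo', salt, iterations)),
  };
}
```

Only `bothInOrder` comes back `true`: either holder alone, the pair in the wrong order, and a plain concatenation all derive unrelated keys.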

Reveal key

Share a file so the recipient can decrypt it without ever seeing the main passphrase. The file is written in the ZEFR3 format with two independently encrypted blocks (main + reveal). Web: set a reveal key. CLI: --reveal "reveal-passphrase". URL: r. See Binary File Format.

Secret question

Add a question whose answer must be provided to decrypt. The answer is hashed with PBKDF2-SHA256 (100,000 iterations) and only the hash is stored (inside the payload). The plaintext answer is never saved. Web: set question + answer. CLI: -q "Pet name?" -a "firulais". URL: q, a.

IP restriction (allowlist)

Limit decryption to specific IPv4/IPv6 addresses. The allowlist is stored inside the payload; at decryption time the client detects the current IP and checks it against the list. Web: comma-separated IPs. CLI: --allowed-ips "10.0.0.1,::1". URL: ips.

This is an access policy enforced by the client, not a cryptographic guarantee — it raises the bar but the content's confidentiality always rests on AES-256-GCM + the passphrase.

Max decryption attempts

Lock a file after N failed attempts. Tracking is local: localStorage in the browser, ~/.zefer/attempts.json in the CLI. Web presets: 0 (unlimited), 3, 5, 10. CLI: --max-attempts 3. URL: att.

Compression

Optionally compress the content before encryption to reduce size (and obscure exact length). Options: none, gzip, deflate (the CLI also accepts deflate-raw). Implemented with the browser CompressionStream API. Web: choose a method. CLI: -c gzip. URL: c.

Configurable PBKDF2 iterations

Trade speed for brute-force resistance. Levels map to iteration counts:

| Level (security / s) | Iterations (i) |
|---|---|
| standard | 300,000 |
| high | 600,000 (default) |
| maximum | 1,000,000 |

The CLI can also auto-benchmark (-i 0) to pick a count tuned to the machine. The chosen count is recorded in the public header so decryption uses the same value.

Public hint and note

The only cleartext metadata you can attach: a short hint (e.g., "two parts needed") and a note (e.g., "For Alice only"), visible without the passphrase. Use them sparingly — they are not secret. Web: hint/note fields. CLI: --hint, --note. URL: h, n.

Chunked encryption

Files are encrypted in 16 MB chunks with unique IVs, giving bounded memory use and per-chunk integrity. This is automatic; see Security Architecture and Binary File Format.

Putting it together (CLI example)

# Options are collected in a bash array so each one can carry a comment;
# a comment after a trailing backslash would break the line continuation.
opts=(
  -p "main-passphrase"
  -2 "second-key" --dual-key       # two-person authorization
  --reveal "reveal-passphrase"     # share without exposing the main key (ZEFR3)
  -q "Pet name?" -a "firulais"     # secret question (hashed answer)
  --ttl 1440                       # expires in 24 hours
  --max-attempts 3                 # lock after 3 failed attempts
  --allowed-ips "10.0.0.1,::1"     # IPv4/IPv6 allowlist
  --hint "two parts needed"        # public hint
  --note "For Alice only"          # public note
  -c gzip -i 1000000 --verbose     # gzip, maximum PBKDF2 iterations, verbose output
)
zefer encrypt secret.txt "${opts[@]}"

See URL Parameters to trigger the same options from a link.


📖 Glossary — terms on this page: dual passphrase · reveal key · secret question · TTL / expiration · compression · PBKDF2 · public header · chunk. Full list in the Glossary.
