What is encryption?
Encryption is a way to obfuscate data in a way that no one is able to read the original content except with a secret key. Let's make a simple (bad) analogy: you're making a vegetable soup, you blend lots of ingredients with a secret touch. Now if you give that soup to somebody, they won't know how it was made. Another simple example: 20, how was it made? 10+10, 12.5+0.5+7, 130/8 - 0.25 + 4?
That's how encryption works, it takes your file, a salt (that we generate), an initialization vector, a password from you that we run 100,000 times through PBKDF2 (a way to make passwords stronger), then we blend the whole thing in AES-CBC encryption, the same encryption method used by the militaries and governments.
Will anyone be able to read my data?
When you're encrypting the file in Still There, it happens right in your browser, so when we receive the data, it is already a well blended soup (encrypted) and neither us, nor anyone can read that data; the only way is to use the password you used initially to encrypt the data.
Then how will the recipient read the file?
You need to be creative with this one. It is difficult to decrypt a file if the only person who knows the key is dead.
There's a hint box when you are creating an action that can contain information on how to decrypt the file. DO NOT PUT THE ENCRYPTION PASSWORD IN THE HINT BOX, it is only a way to make the recipient remember the password or guess it. Some examples:
- Hide the encryption key in the safe at home and tell your family in the hint where to find the key
- Make a puzzle in the hint that you are certain that only the recipient will know how to solve
- An even more complex puzzle is making a series of actions that when obtained, lead, in a way, to the encryption key (action 1 to Emily: read the Black Swan book page 29, action 2 to Dave: find the news of 27 April 1992 ...etc. action 9 to Emily: Ask dave about 27 April 1992, the key is a combination of A B and X).
- Tell the recipient in real the key to a future file he will receive
Is there a way to encrypt my data other than your website?
Definitely! If you prefer to encrypt your files your way, please do, there are many ways to encrypt them. After encrypting the file, upload it normally through our site; remember to set the option "Already encrypted" on and to add a hint for the recipient to know or guess how to decrypt it. Some ways to encrypt/decrypt files include:
- Using GPG, a better alternative to Symantec's PGP cryptographic software suite. You can use igolder's free GPG online tool.
- OpenSSL, a powerful cryptography toolkit
- Make an archive and encrypt it using 7-Zip
- Encrypt a PDF file using a password
- Or simply, your own encryption language to someone familiar with it: "The red tree told Mr. Cement that lunar eclipse is a drowned potato" go figure that out.