Our Mission

Sharing a sensitive document shouldn't require trusting a stranger with its contents. Most file-sharing services upload your file as-is, store it on their servers, and ask you to take their word that nobody peeks. CifraGuard takes a different approach: your file is encrypted in your own browser before it ever leaves your device, so our servers only ever handle the encrypted version — and we never store your decryption key.

We built CifraGuard for the everyday situations where email alone isn't safe enough — sending a contract, a scan of an ID, medical records, payroll documents, or anything else you wouldn't want sitting unencrypted in an inbox or on someone's server.

What Makes CifraGuard Different

• Client-side encryption. Files are encrypted with AES-256-GCM in your browser. Our servers only ever handle the encrypted version of your file.
• Separate delivery of file and key. The encrypted file and the decryption key are sent in two different emails — ideally to two different inboxes — so a single compromised mailbox reveals nothing.
• Nothing is stored. The encrypted file is deleted from our servers immediately after the delivery emails are sent. Decryption keys are never stored at all.
• No accounts, no tracking. There is nothing to sign up for, no profile to build, and no tracking cookies. The only preference we remember is your light/dark theme choice, saved locally in your own browser.
• Completely free. Send files up to 10 MB, two files per hour — no premium plans, no upsells.

How It Works, In Short

When you select a file on the send page, your browser generates a unique encryption key and encrypts the file locally using the Web Crypto API. Only the encrypted result is uploaded. Our server then sends two emails — one with the encrypted file, one with the key — and deletes its temporary copy. The recipient combines both on the decrypt page, where the original file is reconstructed entirely in their browser. For a full walkthrough, see the step-by-step guide.

The Technology

CifraGuard uses the browser's native Web Crypto API with AES-256-GCM authenticated encryption — the same class of encryption used by banks and governments. A fresh random key and nonce are generated for every file, so no two transfers are ever protected by the same secret. The service itself is a deliberately small, auditable web application: fewer moving parts means fewer places for things to go wrong.

Who We Are

CifraGuard is a free side project operated by Marek Zarzycki under the NubeCode project name, focused on privacy-respecting tools. We believe strong encryption should be the default, not a paid feature.

Get In Touch

Questions, feedback, or a security concern? We'd genuinely like to hear from you — reach us through the contact page. Security issues receive immediate attention.