# DragBin Security Architecture

DragBin enforces privacy through mathematics, not policy. Files are encrypted client-side before upload, keys never leave your device, and the cryptographic architecture is published in an open whitepaper.

## Zero-knowledge by design

Your encryption keys never leave your device. DragBin servers store only ciphertext — even in the event of a full server compromise, attackers find scrambled data and nothing else. Only you and people you explicitly share with can decrypt.

## Cryptographic stack

- **ML-KEM key encapsulation** — quantum-resistant key exchange mechanism (NIST-standardized) for asymmetric key agreement.
- **AES-256 symmetric encryption** — industry-standard cipher for file content, in transit and at rest.
- **Argon2 key derivation** — Password Hashing Competition winner; high-cost derivation of keys from your password.
- **Hybrid encryption** — symmetric cipher efficiency combined with public-key key exchange.

## Security principles

- Client-side encryption before upload — plaintext never touches a DragBin server.
- Private keys encrypted locally with Argon2.
- No unencrypted keys stored or transmitted.
- Recipient-specific key sharing for granular access control.
- Auditable open-source client code.
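
The hybrid scheme listed under "Cryptographic stack" and the recipient-specific key sharing above can be sketched as follows. This is an added example, not DragBin's code or the whitepaper's construction: it assumes ML-KEM-768, AES-256-GCM and Go 1.24+, uses the KEM shared secret directly as the wrapping key, and leaves out the Argon2 protection of the private key; `Share`, `Encrypt` and `Decrypt` are hypothetical names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/mlkem"
	"crypto/rand"
	"fmt"
)

type Share struct{ KEM, Key []byte } // stored per recipient; layout is an assumption
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}
// gcm is AES-256-GCM with a random nonce prepended to each ciphertext; keys here are always 32 bytes.
func gcm(key []byte) cipher.AEAD {
	return must(cipher.NewGCMWithRandomNonce(must(aes.NewCipher(key))))
}

// Encrypt runs on the sender's device; everything it returns is safe to upload.
func Encrypt(file []byte, to ...*mlkem.EncapsulationKey768) (body []byte, shares []Share) {
	fileKey := make([]byte, 32) // one random AES-256 key per file
	rand.Read(fileKey)
	for _, ek := range to {
		secret, kemCT := ek.Encapsulate() // fresh 32-byte secret per recipient
		shares = append(shares, Share{kemCT, gcm(secret).Seal(nil, nil, fileKey, nil)})
	}
	return gcm(fileKey).Seal(nil, nil, file, nil), shares
}

// Decrypt runs on a recipient's device, the only place the private key dk exists.
func Decrypt(body []byte, s Share, dk *mlkem.DecapsulationKey768) ([]byte, error) {
	secret, err := dk.Decapsulate(s.KEM)
	if err != nil {
		return nil, err
	}
	fileKey, err := gcm(secret).Open(nil, nil, s.Key, nil)
	if err != nil || len(fileKey) != 32 {
		return nil, fmt.Errorf("share was not wrapped for this key")
	}
	return gcm(fileKey).Open(nil, nil, body, nil)
}
func main() {
	dk := must(mlkem.GenerateKey768())
	body, shares := Encrypt([]byte("constructed sample file"), dk.EncapsulationKey())
	fmt.Printf("%s\n", must(Decrypt(body, shares[0], dk)))
}
```

Granting access to another person only adds one more `Share`; the file body is not re-encrypted. A production design would normally pass the KEM secret through a KDF bound to the recipient and file before using it as a key.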

## Whitepaper

The full cryptographic architecture is documented in the DragBin security whitepaper — open for review by anyone.

## Who it's for

- Security and compliance teams evaluating zero-knowledge storage vendors.
- Engineers verifying cryptographic claims before deployment.
- Regulated industries (legal, healthcare, finance) requiring auditable encryption.

## Related

- [Zero-knowledge encryption explained](/zero-knowledge-encryption)
- [Post-quantum encryption](/post-quantum-encryption)
- [Philosophy](/philosophy)
- [Pricing](/pricing)
