How your data is protected
A plain-language summary of what Oten Drive does to keep your files private. The goal is for these claims to be verifiable in behavior, not just asserted.
A file's full round trip — your device does all the crypto; the server only ever moves ciphertext:
Everything is encrypted on your device
File contents, file names, folder structure, and vault names are encrypted on your device before anything is written to disk or sent over the network.
Plaintext exists only in memory, only while a file is open, and is purged when you close it or lock the vault.
Encryption uses strong, modern, authenticated algorithms with post-quantum-ready (KEM-based) key handling. It's on by default and there's nothing to configure. A public cryptography white paper documents the design.
Keys stay with you
Your seeds and keys live in the operating system's secure storage (Keychain), protected by device hardware. They are not escrowed in the cloud.
Keys are derived in a hierarchy — User → Vault → Shadow Layer → file — so each layer of access is independent.
Keys reach a new device only through your User Recovery Key, never a cloud key backup.
Passwords are verified on your device, against the encrypted data itself. They are never sent to or stored on the server — so there's nothing for the server to check, leak, or be compelled to reveal.
The server can't read your files
Oten Cloud is zero-knowledge: it stores only opaque encrypted blobs plus minimal bookkeeping, and holds no decryption keys.
No one in the middle — not the network, not Oten — can read your files, even under legal compulsion. There's no plaintext to hand over.
Deletion is real
Permanently deleting data (Delete everything) securely wipes the keys involved, making that content unrecoverable by anyone.
Integrity & resilience
Safe Writes protect against corruption; Auto-Lock keeps files sealed even on a crash. Sync uses conflict-aware versioning so concurrent edits don't silently clobber each other.
Under the hood (for the curious)
You don't need any of this to stay safe — it's automatic. But "encrypted on your device" is doing real work, and here's what it actually means:
Files are split into chunks. A file isn't stored as one lump. It's cut into fixed-size pieces, and each piece is sealed on its own with AES-256-GCM — authenticated encryption that also detects tampering.
Every file gets its own key. That per-file key is random and unique, so exposing one file's key tells an attacker nothing about any other file.
Your file keys are sealed with post-quantum crypto. Each file key is wrapped to your vault using ML-KEM-768, a NIST-standardized post-quantum algorithm — so even a future quantum computer can't unwrap it.
Names and folders live in an encrypted index. File names and folder structure are kept in an encrypted local database (the "manifest"), never written in the clear.
Sharing re-seals; it doesn't expose. When you share, your file key is re-wrapped with ML-KEM to the recipient's public key (plus a share password). Only they can open it — the server still sees nothing.
The upshot is the same claim as above, now visible in the mechanics: what leaves your device is ciphertext plus keys that are themselves sealed to keys only you hold. The full design — key hierarchy, decoy slots, signatures — is documented in the public cryptography white paper.
The trade-off
Because only you hold the keys, Oten cannot recover your data for you. If you lose your passwords and your recovery keys, the data is gone. That limitation is what makes the privacy trustworthy.
See also: What the server can see · What Shadow Layers do not protect against
Last updated