Doppler Share Security
Learn more about Doppler Share's design and data flow
This document provides an overview of Doppler Share's design and data flow. For information on TLS requirements, data access, and more, check out our general Security Fact Sheet.
Client-Side Zero-Trust Encryption
Doppler Share uses client-side encryption to ensure plain text secrets never touch our systems. We use AES-GCM to encrypt your secrets, with a symmetric key derived from a cryptographically random 64 character passphrase using PBKDF2.
Send Data Flow
- User enters secret and clicks Submit.
- Client-side JavaScript generates a cryptographically random 64 character passphrase
- Client-side JavaScript generates a symmetric key using the passphrase, random salt, and 100,000 rounds of PBKDF2.
- Client-side JavaScript encrypts secret using symmetric key and random IV
- Client-side JavaScript create SHA256 hash of the passphrase
- Client-side JavaScript sends the encrypted secret, hashed passphrase, and expiration details (days/views) to the server.
- Server receives the POST request and saves a record to Doppler's database. The server responds with a link to to the shared secret.
- Client-side JavaScript receives the link and appends the passphrase to it via the URL hash property.
- The link is displayed to the user.
Receive Data Flow
- User visits share page with previously-generated ID included in the URL.
- Server verifies ID exists and hasn't expired. It then either renders the view page (if unexpired) or redirects to the Share homepage.
- Client-side JavaScript checks for the passphrase in the hash property of the URL and prefills it into the passphrase input form, if specified.
- User clicks Submit.
- Client-side JavaScript create SHA256 hash of the passphrase.
- Client-side JavaScript sends POST request to Doppler's server containing the id of the share link and the hashed passphrase.
- Server receives the POST request and looks up the unexpired database row using the ID and hashed passphrase. If found, it responds with the encrypted secret. Otherwise, it throws an error.
- Client-side JavaScript regenerates the symmetric key using the passphrase and 100,000 rounds of PBKDF2.
- Client-side JavaScript decrypts the secret using the symmetric key.
- The decrypted secret is shown to the user.
Slack App
Due to limitations with Slack, secrets shared through our Slack app will be encrypted on our servers. Unencrypted data is never stored in our systems.
Send Data Flow
- User enters secret into Slack
- Slack sends secret and expiration details (days/views) to the server.
- Server generates a cryptographically random 64 character passphrase
- Server generates a symmetric key using the passphrase, random salt, and 100,000 rounds of PBKDF2.
- Server encrypts secret using symmetric key and random IV
- Server create SHA256 hash of the passphrase
- Server saves the encrypted secret, hashed password, and expiration details (days/views) to Doppler's database. The server responds with a link (including the hashed password) to the shared secret.
- Slack receives the link
- The link is displayed to the user.
Updated 8 months ago