Secure Password Sharing
TorrinPass enables secure password sharing using P256 ECIES (Elliptic Curve Integrated Encryption Scheme).
How It Works
Key Pairs
Each TorrinPass user has a P256 key pair:
- Public key — Shared with others, used to encrypt data for you
- Private key — Kept secret, used to decrypt data sent to you
Sharing Flow
Sender's Device:
┌─────────────────────────────────────────────┐
│ 1. Get recipient's public key               │
│ 2. Generate ephemeral key pair              │
│ 3. Derive shared secret (ECDH)              │
│ 4. Encrypt password with shared secret      │
│ 5. Send: ephemeral public key + ciphertext  │
└─────────────────────────────────────────────┘
                      │
                      ▼
Recipient's Device:
┌─────────────────────────────────────────────┐
│ 1. Receive ephemeral public key + ciphertext│
│ 2. Derive shared secret using private key   │
│ 3. Decrypt password                         │
└─────────────────────────────────────────────┘
Security Properties
End-to-End Encryption
Only the recipient can decrypt the shared password. TorrinPass servers never see the plaintext.
Forward Secrecy
Each share uses a new ephemeral key. Compromising one share doesn’t affect others.
Authentication
The recipient’s public key ensures only they can decrypt.
Technical Details
| Component | Specification |
|---|---|
| Curve | P-256 (secp256r1) |
| Key Agreement | ECDH |
| Encryption | AES-256-GCM |
| KDF | HKDF-SHA256 |
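
The sharing flow and the components in the table above, as an added Node.js example; this is not TorrinPass's own code. The HKDF label, the empty salt, binding both public keys into the KDF input, the 12-byte random nonce and the `nonce || ciphertext || tag` layout are assumptions of this example, since the page does not specify them.

```javascript
const nodeCrypto = require('node:crypto');

const CURVE = 'prime256v1';      // OpenSSL's name for P-256 (secp256r1)
const INFO = 'example-share-v1'; // assumed HKDF label, not from the page

// HKDF-SHA256 over the ECDH secret. Binding both public keys into `info`
// is this example's choice; the page does not specify the KDF inputs.
function deriveKey(secret, ephPub, rcptPub) {
  const info = Buffer.concat([Buffer.from(INFO), ephPub, rcptPub]);
  return Buffer.from(nodeCrypto.hkdfSync('sha256', secret, Buffer.alloc(0), info, 32));
}

// Sender, steps 2-5: fresh ephemeral key, ECDH, derive key, encrypt.
// Returns the ephemeral public key and nonce || ciphertext || tag.
function sealShare(rcptPub, password) {
  const eph = nodeCrypto.createECDH(CURVE);
  const ephPub = eph.generateKeys();
  const key = deriveKey(eph.computeSecret(rcptPub), ephPub, rcptPub);
  const nonce = nodeCrypto.randomBytes(12);
  const enc = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce);
  enc.setAAD(ephPub); // ties the ciphertext to this ephemeral key
  const body = Buffer.concat([enc.update(password, 'utf8'), enc.final()]);
  return { ephPub, ciphertext: Buffer.concat([nonce, body, enc.getAuthTag()]) };
}

// Recipient, steps 1-3. Throws on an invalid curve point, a wrong private
// key, or any modification of the ephemeral key or ciphertext.
function openShare(rcpt, { ephPub, ciphertext }) {
  if (ciphertext.length < 12 + 16) throw new Error('ciphertext too short');
  const key = deriveKey(rcpt.computeSecret(ephPub), ephPub, rcpt.getPublicKey());
  const dec = nodeCrypto.createDecipheriv('aes-256-gcm', key, ciphertext.subarray(0, 12));
  dec.setAAD(ephPub);
  dec.setAuthTag(ciphertext.subarray(ciphertext.length - 16));
  const body = ciphertext.subarray(12, ciphertext.length - 16);
  return Buffer.concat([dec.update(body), dec.final()]).toString('utf8');
}

// Constructed demo values: a recipient key pair and a sample password.
function demo() {
  const rcpt = nodeCrypto.createECDH(CURVE);
  const share = sealShare(rcpt.generateKeys(), 'correct horse battery staple');
  return openShare(rcpt, share);
}
```

Each share is isolated from the others by its ephemeral key, but every share sent to a recipient still depends on that recipient's long-term private key, so the protection of that key is what confidentiality rests on.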
Revoking Access
When you revoke a shared password:
- The share record is deleted from our servers
- The recipient can no longer access the password
- Your original password is unaffected