FastDDL/ blog
2026-06-22 • 4 min read

AES-256 Encryption Explained

AES-256 is the encryption standard used by banks, militaries, and intelligence agencies worldwide. But not all AES-256 is created equal. Here's what matters for secure file sharing.

What does 256 mean?

The "256" refers to the key length in bits. A 256-bit key has 2^256 possible combinations — that's approximately 10^77, more than the number of atoms in the observable universe. Brute-forcing AES-256 is computationally impossible with current or foreseeable technology.

GCM: Authenticated encryption

FastDDL uses AES-256-GCM (Galois/Counter Mode). The "GCM" part is critical — it provides authenticated encryption, meaning the ciphertext includes a mathematical proof (authentication tag) that the data hasn't been tampered with.

Without authentication, an attacker could modify your encrypted file in transit and the recipient wouldn't know. GCM detects any tampering automatically — if even one bit is altered, decryption fails.

Zero-knowledge: Who holds the key?

The strongest encryption is meaningless if the service provider holds your key. Many "encrypted" file sharing services generate or store your password server-side — meaning they can decrypt your files on demand.

FastDDL is zero-knowledge by design:

  • The password is generated randomly in your browser
  • It's shown to you once and never stored
  • The server only ever sees the encrypted file
  • Even FastDDL's operators cannot decrypt your files

Why password storage matters

If a file sharing service stores your password — even hashed — they can potentially recover it. A database breach would expose every file. FastDDL's architecture makes this impossible: the password exists only in your memory and the encrypted file exists only on Cloudflare R2 storage.

The takeaway

When choosing a file sharing service, ask: Can the provider decrypt my files? If the answer is yes or unclear, your data isn't truly private. FastDDL's answer is definitively no.