Security & Privacy Whitepaper (Overview)Appendix
Appendix: Glossary
This glossary defines key terms and abbreviations used in the whitepaper. If a term has more specific implementation details in a particular chapter, the specification in that chapter shall prevail.
Terms & Abbreviations
- FileBolt
- File transfer platform providing upload, sharing, and download. This document describes its security and privacy design boundaries.
- Security & Privacy Whitepaper
- Document collection describing security goals, threat model, architecture, access control, and encryption specifications, providing verifiable Claim IDs and Evidence links.
- MUST / SHOULD / MAY
- Normative language: MUST (Required), SHOULD (Recommended), MAY (Optional). Used to express implementation requirements and recommendations.
- E2EE (End-to-End Encryption)
- Encryption/decryption occurs on the client side; the server handles only ciphertext and necessary metadata, possessing no decryption capability.
- Zero-Knowledge
- The server cannot obtain decryption key material under normal operation and routine maintenance, and thus cannot decrypt user file plaintext.
- CEK (Content Encryption Key)
- 16-byte (128-bit) key in this document, one per file, used for AES-128-GCM chunk encryption/decryption.
- AES-128-GCM
- An AEAD (Authenticated Encryption with Associated Data) algorithm. Provides confidentiality and integrity; authentication failure results in fail-closed, refusing plaintext output.
- AEAD (Authenticated Encryption with Associated Data)
- Encryption that also authenticates AAD (Additional Authenticated Data) for integrity binding.
- IV / Nonce
- Initialization Vector/Number used once. For AES-GCM, IV must not repeat under the same key to preserve security.
- noncePrefix
- Random prefix generated once per file (e.g., 8 bytes), combined with chunkIndex to form per-chunk IV, ensuring unique IVs under the same CEK.
- chunk / chunkIndex
- File chunk and index. Files are sliced into fixed-size chunks (e.g., 16MB), with chunkIndex incrementing from 0, used for positioning and IV/AAD binding.
- chunkSize
- Size of chunks. Example 16MB (16777216 bytes) in this document, used for large file upload/download and streaming encryption.
- ciphertext
- Result of encrypting plaintext chunks by the client.
- tag (GCM tag)
- Authentication tag output by AES-GCM, used to verify integrity and consistency of ciphertext and AAD.
- AAD (Additional Authenticated Data)
- Binds context (transferId, fileId, chunkIndex) to ciphertext, preventing cross-file/cross-chunk substitution and replay.
- transfer / transferId
- A single transfer (share) record and its unique identifier. Locates metadata, access control, and file collection for that transfer.
- file / fileId
- File entity and unique ID within a transfer. Distinguishes files and their encryption params within the same transfer.
- manifest
- Collection of public parameters and mappings (cryptoVersion, noncePrefix, chunkSize, chunk map, etc.), excluding CEK.
- cryptoVersion
- Encryption/Protocol version identifier (e.g., v1). Constraints algorithms, encoding, and derivation rules, supporting future evolution and compatibility.
- URL fragment (#...)
- Part of URL after "#". Not sent to server per browser standards, used to carry decryption material on client side.
- token
- Credential for access control. Document distinguishes short-term session tokens (scoped, expiring) and long-term login tokens (sender management).
- Short-term session token
- Server-issued, checked against table, expiring, scoped (read_manifest / read_chunk / upload_chunk) access token.
- Long-term login token
- Management-side login state obtained by paid users via one-time login (magic link), used for sender dashboard (revoke, delete, audit).
- scope
- Authorized capability range of a token, used for least privilege and isolation (e.g., separating download ciphertext from reading manifest).
- magic link
- One-time login link. User clicks to authenticate and obtain management login state.
- audit
- Observable data related to transfer (download count, progress), used for sender delivery confirmation; isolated from downloader view.
- CSP (Content Security Policy)
- Browser security header restricting resource sources and execution, reducing XSS and injection risks.
- Security Headers
- Group of HTTP response headers hardening browser security, e.g., HSTS, Referrer-Policy, X-Content-Type-Options, Permissions-Policy.
- HSTS (Strict-Transport-Security)
- Header enforcing HTTPS-only access.
- Referrer-Policy
- Controls Referer information sent during navigation or resource loading, reducing URL leakage risk.
- Clickjacking
- Attack embedding target site in iframe to induce clicks. Defense via CSP frame-ancestors and X-Frame-Options.
- COOP / COEP / CORP
- Cross-Origin Opener/Embedder/Resource Policy headers for cross-origin isolation (requires compatibility assessment).
- WAF (Web Application Firewall)
- Detects and blocks common attacks and abuse traffic (scanning, injection, brute force).
- Rate limiting
- Thresholds on request frequency, concurrency, or resource consumption to reduce abuse, enumeration, and DoS risk.
- IR (Incident Response)
- Process including Triage, Containment, Forensics, Remediation, Review, and Communication.
- VDP (Vulnerability Disclosure Program)
- Mechanism for vulnerability disclosure (Receipt, Verification, Fix, Announcement), encouraging responsible reporting.
- Evidence
- Reproducible entry point verifying a Claim. Can be a chapter anchor (normative spec) or third-party report (TLS, Headers scan).
- Claim / Claim ID
- Verifiable statement and its unique ID. Maps "commitment/policy/spec" to "evidence," supporting audit and change tracking.
Notes
- If term definitions change in future versions, this glossary shall be updated and recorded in the Changelog.
- When terms are used for implementation specs (e.g., v1 IV/AAD encoding), the specific chapter specification prevails.