ZIP hides content but exposes filenames. 7z encrypts but leaves metadata. The .priv format was designed to protect your files, their names, and their metadata - in one step.
The problem
When you password-protect a ZIP file, you feel safe. But anyone who opens that file can still see every filename, folder structure, and file size inside. Metadata like GPS coordinates in photos and author names in documents stays intact.
Older ZipCrypto encryption has been cracked for years. Even "strong" AES-ZIP leaks structure. If someone intercepts your archive, they already know what's inside - just not the content.
The solution
The .priv format encrypts your files, their names, and their structure into a single opaque blob. Metadata is stripped before encryption. An optional expiry date makes files self-destruct after a deadline.
All processing happens in your browser using the native Web Crypto API. Your files never leave your device.
Comparison
A side-by-side look at what each format protects.
How it works
Everything happens in your browser. The server only delivers the page - it never sees your files.
Choose any files you want to protect - images, documents, spreadsheets, code. Drag and drop or click to browse. Any file type, up to 500 MB.
Your password goes through PBKDF2 with 600,000 iterations and a random 32-byte salt. This turns even a simple password into a 256-bit encryption key that's extremely hard to brute-force.
The Web Crypto API handles everything: metadata is stripped, filenames bundled into the payload, and the entire package encrypted with AES-256-GCM. Your files never leave your device.
Send it through email, Slack, WhatsApp, cloud storage - any channel. Share the password separately. The recipient opens it at privconvert.com.
Specification
The .priv format is fully documented. No hidden layers, no proprietary extensions. Here is the binary layout.
| Offset | Size | Field | Description |
|---|---|---|---|
| 0 | 4 bytes | Magic | PRIV (0x50 0x52 0x49 0x56) |
| 4 | 1 byte | Version | Format version (currently 0x01) |
| 5 | 1 byte | Flags | Bit 0: has expiry | Bit 1: metadata stripped |
| 6 | 4 bytes | Expiry | Unix timestamp (uint32 big-endian), 0 if none |
| 10 | 32 bytes | Salt | Random salt for PBKDF2 key derivation |
| 42 | 12 bytes | IV | Initialization vector for AES-256-GCM |
| 54 | variable | Ciphertext | AES-256-GCM encrypted payload + 16-byte auth tag |
uint32 file count, then for each file:
uint16 filename length,
N bytes filename (UTF-8),
uint32 data size,
N bytes raw file data.
All integers are big-endian.
Security
Every component uses battle-tested standards implemented through the browser's native Web Crypto API.
Authenticated encryption. Tamper with one bit and decryption fails.
600,000 iterations make brute-force attacks computationally impractical.
Random 32-byte salt and 12-byte IV. Same file encrypted twice looks completely different.
We never see your files or password. Everything encrypts and decrypts in your browser.
Command line
Encrypt and decrypt .priv files on Linux and macOS without a browser. Fully compatible with the web tools.