Security
Threat model, encryption architecture, and responsible disclosure for anonym.plus.
Design Principles
anonym.plus is built on three security principles:
- Offline-first: The entire PII detection and anonymization pipeline runs locally. Documents are never uploaded to any server.
- Zero-knowledge: Your password never leaves your device. Only cryptographic proofs are sent during authentication. The server cannot access your vault contents.
- Defense in depth: Encryption at rest (AES-256-GCM), key derivation via Argon2id, automatic vault locking, and a 24-word BIP39 recovery phrase provide layered protection.
Threat Model
The following table describes what anonym.plus protects against and what is outside the scope of its security guarantees.
| Threat | Mitigation | Status |
|---|---|---|
| Documents sent to external servers | All processing runs locally via bundled Presidio + spaCy. No network calls for PII detection or anonymization. | Mitigated |
| Vault data accessed by attacker with disk access | Vault encrypted with AES-256-GCM. Key derived from user password via Argon2id (64 MB memory, 3 iterations). Without PIN or recovery phrase, data is unreadable. | Mitigated |
| Server compromise exposes user passwords | Zero-knowledge authentication. Passwords are hashed client-side before any server communication. Server stores only cryptographic proofs. | Mitigated |
| Encryption keys extracted from memory | Key material is zeroed from memory when the vault locks. Auto-lock triggers after 15 minutes of inactivity. | Mitigated |
| Man-in-the-middle on API communication | All API communication over HTTPS/TLS. Certificate pinning not implemented (standard browser/Tauri TLS). | Partially mitigated |
| Malware on user's device | Outside scope. If an attacker has code execution on your machine, no desktop app can guarantee security. Use OS-level protections. | Out of scope |
| NLP detection misses PII entities | Presidio + spaCy use both NER (machine learning) and regex patterns. Configurable confidence thresholds and manual review step. False negatives are possible — always review results. | Partially mitigated |
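The "recovery phrase" the table relies on is a 24-word BIP39 mnemonic. The following added example (not anonym.plus code) shows why such a phrase carries exactly 256 bits of entropy plus an 8-bit SHA-256 checksum, and how that checksum catches a mistyped or altered word when the phrase is entered during recovery. The 2048-entry English wordlist is not embedded; the functions work on word indices, each of which selects one wordlist entry.

```python
import hashlib

# Constructed parameters for this example: 256-bit entropy is the BIP39 size
# that yields a 24-word phrase, which is the length the page describes.
ENTROPY_BYTES = 32
WORD_BITS = 11
WORDLIST_SIZE = 2048      # every index must map onto one wordlist entry
WORD_COUNT = 24


def bip39_indices(entropy: bytes) -> list:
    """Turn 32 bytes of entropy into the 24 wordlist indices of a BIP39 phrase.

    Checksum = first ENT/32 bits of SHA-256(entropy); for 256-bit entropy that
    is 8 bits, so entropy || checksum is 264 bits = 24 groups of 11 bits.
    """
    if len(entropy) != ENTROPY_BYTES:
        raise ValueError("a 24-word phrase needs exactly 32 bytes of entropy")
    checksum_bits = len(entropy) * 8 // 32                 # 8
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - checksum_bits)
    # entropy || checksum as one integer, then sliced into 11-bit groups, MSB first
    bits = (int.from_bytes(entropy, "big") << checksum_bits) | checksum
    return [
        (bits >> (WORD_BITS * (WORD_COUNT - 1 - i))) & (WORDLIST_SIZE - 1)
        for i in range(WORD_COUNT)
    ]


def entropy_from_indices(indices: list) -> bytes:
    """Reverse the mapping and verify the checksum; raise on a corrupted phrase."""
    if len(indices) != WORD_COUNT or any(not 0 <= i < WORDLIST_SIZE for i in indices):
        raise ValueError("expected 24 indices in the range 0..2047")
    bits = 0
    for index in indices:
        bits = (bits << WORD_BITS) | index
    checksum_bits = ENTROPY_BYTES * 8 // 32                 # 8
    entropy = (bits >> checksum_bits).to_bytes(ENTROPY_BYTES, "big")
    claimed = bits & ((1 << checksum_bits) - 1)
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - checksum_bits)
    if claimed != expected:
        raise ValueError("BIP39 checksum mismatch: phrase was mistyped or altered")
    return entropy


def checksum_ok(indices: list) -> bool:
    """Convenience wrapper: does this 24-index phrase pass its checksum?"""
    try:
        entropy_from_indices(indices)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    import secrets
    # Fresh 256-bit entropy, as a first-time setup would generate it.
    phrase = bip39_indices(secrets.token_bytes(ENTROPY_BYTES))
    print(phrase, checksum_ok(phrase))
```

The checksum is only 8 bits, so it detects every single-word substitution only in the sense that the last word's low bits are checksum bits; a random wrong word elsewhere is caught with probability 255/256, which is why a restore flow should still ask the user to confirm the phrase rather than treat a checksum pass as proof of correctness.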
Encryption Architecture
Vault Encryption
All local data (processing history, encryption keys, settings) is stored in an encrypted vault.
- Algorithm: AES-256-GCM (authenticated encryption with associated data)
- Key Derivation: Argon2id with 64 MB memory cost, 3 iterations, 32-byte output
- Recovery Phrase: 24-word BIP39 mnemonic (256 bits of entropy), generated during first setup
- Quick Unlock: Optional 4-8 digit PIN for convenience. After 3 failed attempts, the recovery phrase is required.
- Auto-lock: Vault locks after 15 minutes of inactivity (no mouse, keyboard, or scroll events)
- Key Zeroing: Encryption key material is zeroed from memory when the vault locks
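The Quick Unlock, Auto-lock and Key Zeroing rules above form a small state machine. The following added example (not anonym.plus code) models it: the PIN path closes after 3 failures until a recovery succeeds, only input events defer the 15-minute timeout, and locking overwrites the key buffer rather than just dropping a reference. The `pin_to_key` hook and the passed-in timestamps are assumptions that stand in for the backend's PIN check and clock.

```python
from typing import Callable, Optional

AUTO_LOCK_SECONDS = 15 * 60   # vault locks after 15 minutes without input events
MAX_PIN_ATTEMPTS = 3          # after 3 failed PIN attempts the recovery phrase is required
KEY_LEN = 32                  # AES-256 key


class VaultSession:
    """Holds the vault key only while unlocked and overwrites it on lock.

    `pin_to_key` is a hypothetical hook standing in for the backend's PIN
    check: it returns the 32-byte vault key for the correct PIN and None
    otherwise. Timestamps are passed in (seconds) so the timeout logic is
    testable without a real clock or event loop.
    """

    def __init__(self, pin_to_key: Callable[[str], Optional[bytes]]):
        self._pin_to_key = pin_to_key
        self._key = bytearray(KEY_LEN)        # mutable so it can be zeroed in place
        self._last_activity: Optional[float] = None
        self.unlocked = False
        self.recovery_required = False
        self.failed_pin_attempts = 0

    def unlock_with_pin(self, pin: str, now: float) -> bool:
        if self.recovery_required:
            return False                      # PIN path stays closed until recovery succeeds
        key = self._pin_to_key(pin)
        if key is None:
            self.failed_pin_attempts += 1
            if self.failed_pin_attempts >= MAX_PIN_ATTEMPTS:
                self.recovery_required = True
            return False
        self._open(key, now)
        return True

    def unlock_with_recovery(self, key_from_phrase: bytes, now: float) -> bool:
        # The caller has already turned the 24-word phrase back into key material
        # (not shown here); a successful recovery clears the PIN lockout.
        if len(key_from_phrase) != KEY_LEN:
            return False
        self.recovery_required = False
        self._open(key_from_phrase, now)
        return True

    def _open(self, key: bytes, now: float) -> None:
        self._key[:] = key
        self.unlocked = True
        self.failed_pin_attempts = 0
        self._last_activity = now

    def touch(self, now: float) -> None:
        """Record a mouse, keyboard or scroll event; only these defer auto-lock."""
        if self.unlocked:
            self._last_activity = now

    def check_auto_lock(self, now: float) -> bool:
        """Called periodically; returns True if this call locked the vault."""
        if self.unlocked and now - self._last_activity >= AUTO_LOCK_SECONDS:
            self.lock()
            return True
        return False

    def lock(self) -> None:
        for i in range(KEY_LEN):              # overwrite, do not merely drop the reference
            self._key[i] = 0
        self.unlocked = False
        self._last_activity = None

    def key_is_zeroed(self) -> bool:
        return not any(self._key)

    def key(self) -> bytes:
        if not self.unlocked:
            raise RuntimeError("vault is locked")
        return bytes(self._key)


if __name__ == "__main__":
    session = VaultSession(lambda pin: bytes([7] * KEY_LEN) if pin == "1234" else None)
    print(session.unlock_with_pin("1234", now=0.0), session.check_auto_lock(now=16 * 60),
          session.key_is_zeroed())
```

Python can only zero this one buffer: every `bytes` copy handed out by `key()` is immutable and lives until garbage-collected, which is one reason the page keeps key handling in the Rust backend, where zeroization can be enforced on the actual allocation.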
Document Encryption (Reversible Anonymization)
When using the "Encrypt" anonymization operator, PII entities are encrypted with AES-256-GCM under a selected key so they can be decrypted later via the Deanonymize feature.
- Algorithm: AES-256-GCM with a random nonce per entity
- Key Lengths: 128-bit, 192-bit, or 256-bit (256-bit recommended and default)
- Key Storage: Zero-knowledge: key values never leave the Rust backend. The frontend only references keys by ID.
- Key Rotation: Generates new key material and permanently replaces the old key value. Documents encrypted with the old key can only be decrypted with the old key value, which is no longer available after rotation.
Authentication
- Password Handling: Passwords are hashed client-side using Argon2id + HKDF + SHA-256 before any server communication. The server never receives plaintext passwords.
- Session Tokens: JWT with separate secrets for user and admin authentication. Tokens are stored in sessionStorage (cleared on tab close).
- Admin Authentication: Separate JWT secret (ADMIN_JWT_SECRET). 12-character minimum password. TOTP-based two-factor authentication.
What the Server Sees
The anonym.plus server handles account management, licensing, and license purchases. Here is exactly what it can and cannot access:
- Can access: Email address, license status, machine activations, support tickets, payment metadata (via Stripe/PayPal).
- Cannot access: Your documents, PII detection results, anonymized outputs, encryption keys, vault contents, processing history, or password.
For a full breakdown of collected data, see the Privacy Policy.
Responsible Disclosure
Report a Security Vulnerability
If you discover a security vulnerability in anonym.plus, we encourage responsible disclosure. Please report it through our contact form with the category "Security".
When reporting, please include: a description of the vulnerability, steps to reproduce, the affected version, and the potential impact.
We aim to acknowledge reports within 48 hours and provide a fix timeline within 7 days. We will not take legal action against researchers who follow responsible disclosure practices.
Our security contact information is also available at /.well-known/security.txt (RFC 9116).
Open Source Components
anonym.plus uses the following open-source components for its security-critical functions:
- Microsoft Presidio — PII detection engine (Apache 2.0)
- spaCy — NLP models for named entity recognition (MIT)
- Tesseract OCR — Image text extraction (Apache 2.0)
- Tauri — Desktop app framework with Rust backend (MIT/Apache 2.0)
- Argon2 — Password hashing / key derivation (CC0)