Boring, decades-old, and reviewed in public a thousand times.

File cipher

Each file in the vault is encrypted with AES-256 in GCM mode using a fresh 96-bit nonce per file. AES-256-GCM is the same primitive the U.S. National Security Agency approves for TOP SECRET material and the same one used by TLS 1.3, signal, WireGuard, and effectively every serious privacy product released in the last decade.

Key derivation

The 5×5 pattern you draw is hashed using PBKDF2-SHA256 with 600,000 iterations and a per-install salt. The resulting key is then wrapped by a hardware key generated and held inside the iPhone Secure Enclave — a separate processor on the device that Apple guarantees never reveals its contents, even to iOS itself.

Without the exact pattern, the wrapped key cannot be unwrapped. Without the unwrapped key, the file is mathematically indistinguishable from random bytes.

Catalog protection

It is not enough to encrypt the files. AppVault also encrypts the catalog — the list of file names, sizes, types, and dates. An attacker with raw access to the device storage cannot see how many files exist, when they were added, or what kind they are.

Transport

AppVault makes zero network calls in its default state. No telemetry, no crash reports, no analytics SDKs, no third-party trackers. If you opt into Encrypted iCloud Backup, files are sealed on your device with a separate backup key and uploaded as opaque blobs. Apple never sees plaintext.

What we do not do

We do not run a server. We do not store your pattern, anywhere, ever. We do not have an account database. We have no way to reset your vault. If you forget your pattern, the vault stays sealed. That is the design.

Audit

A third-party cryptography audit by an established firm is scheduled. Until then, the cryptography stack is built on Apple’s own CryptoKit framework, which is open-source-licensed and continuously reviewed by Apple and the wider community. Our wrapping code is documented in our Security Architecture document, available on request.