So you really can't see any of the event information?

All of the information about your event and the responses from your guests (with some exceptions below) is encrypted/decrypted on your local device using the key derived from the anchor tag in the URL (the part after the # symbol). This part of the URL is not sent to our servers.

A few details are sent to our servers and stored unencrypted due to operational necessity:

• Event date so that we can prune old events
• Guest response yes/no/maybe value so that we can display it properly
• Unique identifiers of guest responses so they can be updated independently
• The event's unique salt so we can send it to users for decryption

What sort of encryption is used?

To lookup an event without the event GUID, a shared 256-bit hash is derived from the event PIN using 10,000,000 rounds of SHA-256 PBKDF2 with a public salt.

The shared hash allows the user to query our servers for the event GUID and retrieve the encrypted event page. The event page includes the AES-encrypted event details, responses, and the event-specific salt.

The event-specific salt is used to derive the actual 256-bit event encryption key using 1,000,000 rounds of SHA-256 PBKDF2. All event details are encrypted using AES-GCM with the event-specific key and a randomly generated IV for each field.

Is a 10 character PIN really long enough to be secure?

TLDR: It would cost someone about $2,000,000 to crack an event PIN in the worst case scenario.

The event PINs are 48-bit keys encoded as 10 digit Base32 strings. That means there are about 280 trillion possible keys.

The event GUIDs are 128-bit random identifiers. There are approximately 3.4x10^38 possible GUIDs which makes guessing them essentially impossible.

Based on the estimated brute force cost from this 1Password blog article it costs approximately $6 to brute-force 32 bits at 100,000 rounds of PBKDF2.

Supposing an attacker has access to our database, they would have access to every event's lookup hash and AES-encrypted details. It would cost approximately 19 million USD to crack all of the event key lookup hashes and gain access to the full details of all events. Focusing on cracking one specific event using its salt would only require about 2 million USD.

If an attacker is able to MITM your encrypted connection to our site, they would have access to the event salt, and the AES-encrypted details. In this scenario it would cost approximately 2 million USD to brute force that specific event's encryption key and gain access to the event details.