Family-And-Me
Zero-trust family archives: Encrypted on your device, shared only with those you love.
Family-And-Me helps families preserve photos, videos, and life stories in private, cryptographically secured vaults.
Your memories are never exposed to unsolicited indexing, data mining, or AI training.
You own the keys; we just provide the vault.
Family-And-Me is a sovereign archive platform for long-term memory keeping.
The system is designed with zero-trust concept in mind, such that the end-to-end encryption is included in every layers by design.
Each family vault is sealed with encryption keys controlled entirely by your family members, not the hosting layer.
By decoupling the "storage" from the "security," we ensure that even if the cloud is compromised, your memories remain unreadable to anyone but you.
How Family-And-Me works
Create a vault once, then share it safely across family devices with controlled access.
Step 1: Register a device
Create an account and register your first device
Create an account and register your first device.
The device is identified with a public/private key pair that can be exported and saved for backup.
Once a device - a browser or mobile app - is registered, it can create and access vaults.
The communication between the device and the server is encrypted using the device's public/private key pair.
All communication with the server is wrapped in an ephemeral encrypted session, protecting the data from the beginning.
Step 2: Create a protected vault
Create a protected vault with a single click
Create a vault - a secure container for family files - by giving it a name and selecting a storage backend.
From the first moment the vault has been created, it is assigned a symmetric content encryption key.
This key is shared between vault members safely, such that it never travels over the network unencrypted.
Nor becomes it known to the server at any moment in time.
When a piece of content is uploaded to the vault, it is encrypted with the vault's key prior to leaving the device, ensuring that it is never exposed to unauthorized parties.
Step 3: Manage membership
Invite members to join your vault
Sharing is handled through a secure vault encryption key share protocol.
When you invite a member, the system transmits the new member public key to the device, accepting the request to join the vault.
The new member then receives safely the vault's encryption key, encrypted such that only they can decrypt it.
This ensures the key never travels over the network in the clear and remains unknown to our servers.
If a member leaves, the vault key is rotated, maintaining strict forward secrecy for your archive.
Family-And-Me advantages
Cryptographic Privacy by Design
The zero-trust model of Family-And-Me service uses symmetric encryption to protect your data and asymmetric encryption to protect and verify your identity.
Because the encryption happens on your device, it is physically impossible for us — or your storage provider — to index, profile, or use your family photos for AI training.
Device-Level Identity
Standard passwords can be phished.
Family-And-Me uses a device-based identity model.
Only registered devices, known to the server, can access your vaults.
This adds a physical layer of security, ensuring that only you can access your family vaults.
Decoupled Storage Sovereignty
We separate your Identity* from your Content Data**.
By plugging in your own storage (like Dropbox or S3), you avoid vendor lock-in.
If one provider changes their terms, you can migrate your encrypted archives to another without losing the integrity of your family history, nor ever exposing its contents to the cloud.
Ephemeral & Secure Sessions
Every interaction with our server is protected by a temporary Diffie-Hellman (DH) encrypted tunnel.
These sessions have a short Time-To-Live (TTL) and rotate automatically, ensuring that even your metadata and navigation patterns stay shielded from prying eyes.
Seamless Key Orchestration
We’ve automated the key-rotation - a mandatory part of any cryptographically sound system.
Inviting a spouse or child involves a sophisticated public-key exchange in the background.
But for you, it’s as simple as an email invite.
You get high-grade security with a consumer-grade user experience.
Forward Secrecy & Access Control
The membership lifecycle supports key rotation.
When access is revoked, the system will automatically rotate the vault key, such the removad member wouldn't have access to the new content uploaded to the vault - thus ensuring forward secrecy.
Built for the "Long-Arc" of History
The family archives should last generations.
By using open cryptographic standards and pluggable backends, we ensure your data remains portable, auditable, and accessible to your descendants in the long term, while preserving your privacy.