Export & Import Encrypted Files
Qpher Vault lets you create portable encrypted .qpher files that can be transferred offline — via AirDrop, email, USB drive, or any other method. The recipient imports the file into their vault where it's verified and decrypted server-side.
Offline transfer, online decrypt.
Share Encrypted (.qpher)
Send an encrypted copy of your file to another Qpher user:
- Open the document detail page
- Tap the menu button, then Share Encrypted
- Enter the recipient's email address
- Tap Export Encrypted File — the server creates a
.qpherfile - The iOS Share Sheet appears — send via AirDrop, email, Messages, or save to Files
The recipient needs an active Qpher account to import the file. If they don't have one, the app will suggest using Qpher Share instead (which supports pending shares for new users).
Backup Encrypted
Create a backup copy of your encrypted file:
- Open the document detail page
- Tap the menu button, then Backup Encrypted
- A
.qpherfile is created with you as the recipient - Save it to Files, iCloud Drive, or an external drive
This is useful for creating offline backups that only you can decrypt.
Import a .qpher File
Import a .qpher file you received:
From the app
- Tap the + button in the document list
- Select Import .qpher File
- Select the
.qpherfile from Files
- The server verifies the sender's signature, decrypts, and stores the file in your vault
From AirDrop or "Open In"
When you receive a .qpher file via AirDrop or tap one in Files/email, Qpher Vault opens automatically and starts the import process.
Security Properties
Every .qpher file includes multiple layers of security:
| Property | Description |
|---|---|
| Sender Signature | ML-DSA digital signature proves who created the file |
| Quantum-Safe Encryption | AES-256-GCM + X-Wing KEM encryption |
| Recipient Binding | Only the intended recipient can decrypt |
| Header Integrity | AAD binding detects any header tampering |
| Revocation | Sender can revoke before the recipient imports |
If anyone modifies the .qpher file after export — even a single byte — the import will fail with a signature verification error. This protects against man-in-the-middle attacks.
Import Error Messages
| Error | Meaning |
|---|---|
| Invalid file format | The file is not a valid .qpher file |
| Sender signature failed | The file may have been tampered with |
| Share revoked | The sender revoked this export |
| Already imported | This file was already imported (replay protection) |
| Share expired | The export has expired |
| Wrong recipient | This file was encrypted for a different user |
Plan Requirements
| Plan | PQC-only Export | Hybrid Export | Monthly Limit |
|---|---|---|---|
| Explorer (Free) | - | - | - |
| Personal | Yes | - | 50 |
| Starter | Yes | Yes | 50 |
| Professional | Yes | Yes | 500 |
Related Guides
- Share Documents — In-app sharing (no file download needed)
- Access Log — Export and import events appear in your access log