Copy/Paste Crypto

MJS 2015-09-10

This is a demo page that shows 'through the middle' encryption that users can added to any existing communication channel. You can write your messages here, copy the encrypted form into any other chat windows, copy encrypted messages that you receve into the decrytion box here.

Type a shared secret that all parties have, like a password. Or you can use the Diffie - Hellman key exchange page. Don't put the the shared secret into any chat!

Then

Type what you want to encrypt here

Then using the key. Send this:

[nothing encrypted yet]

Paste what you receve here:

and then using the key.

Chatlog:

Implementation

All crypto done is using the native crypto API in browsers. The key is derived from the shared secret by PBKDF2. The input string is salted and ran with 10000 iterations (this is low, but this is just a demo page) and a 256 bit key for AES is generated. The encryption is done with AES-CBC with a random 16 byte IV generated at encryption time from crypto.getRandomValues as part of the crypto api. The IV is prepended onto the beginning of the resulting encrypted blocks. On decryption, the IV is taken off the front of the cyphertext and the message decrypted using the key.

Unicode characters in any input are handled by the native TextEncoder API. ❤ ✓ à la mode

Please note however that encryption done in your browser is not secure unless the page you have is loaded locally (not over http) and that you trust its source.