Skip to content

renerocksai/0xeefe

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

21 Commits
build
build
Β 
Β 
docs
docs
Β 
Β 
js
js
Β 
Β 
0xeefe.png
0xeefe.png
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
index.html
index.html
Β 
Β 
msgTemplate.html
msgTemplate.html
Β 
Β 

Repository files navigation

0xeefe.png

πŸ” easy encryption for everyone

  • Runs entirely in your browser
  • No data leaves your browser ever!
    • only the encrypted message, when it is stored on your harddisk or mobile device, in the downloads folder of your browser.
  • just try it at https://renerocksai.github.io/0xeefe
  • no need to trust me!
    • have it audited!
    • check out the source code yourself!
  • Encrypted messages are: encrypted. They are not just password-protected. So anyone receiving your message will not be able to bypass the "password check".

Pro tip: Use an incognito browser window to prevent plugins from reading your private messages!

Contents

  1. Motivation
  2. How to use it for e-mail?
  3. How does the encryption work?

Motivation

Since the introduction of the Lawful Access to Encrypted Data Act I trust no encryption that is managed, i.e. where keys are stored in the cloud.

Quoting bitcoin.com:

US lawmakers have introduced the Lawful Access to Encrypted Data Act to ensure law enforcement can access encrypted information. This bill is β€œa full-frontal nuclear assault on encryption in the United States,” one expert says. It requires manufacturers of encrypted devices and operating systems to have the ability to decrypt data upon request, creating a backdoor requirement.

The only way to ensure personal privacy is to take encryption into your own hands. Unfortunately, technical hurdles exclude the not-so-technical people from their right to privacy. This is where 0xeefe comes in. It is a really easy way to strongly encrypt your private communication. There is no software to install, no key pairs to generate and import, no key servers to maintain. How you manage your encryption keys / passwords is entirely up to you. You might want to remember them all, or have them stored on a secure USB device - or in a secure password manager (like 1Password). Creating encrypted messages doesn't get simpler than that πŸ˜„.

How to use it for e-mail?

Use your e-mail client. I use the webmail version of Outlook.

  • I hit reply on an e-mail

  • instead of replying there, I just select everything with CTRL + A and copy it with CTRL + C:

  • then I head over to 0xeefe, paste with CTRL + V, and type my reply there, if I haven't already

  • I enter the encryption key, twice

  • hit "save encrypted message"

  • and attach the downloaded encrypted message to my e-mail in Outlook

  • that's it! ready to send that encrypted e-mail!

How does the encryption work?

This tool uses the CryptoJs library for the actual encryption. First, a stronger encryption key is derived from the one you input using PBKDF2 and a random salt with 100 rounds. Then the HTML is encrypted using AES256.

Encrypted messages are: encrypted. They are not just password-protected. So anyone receiving your message will not be able to bypass the "password check".

To-do

  • might turn this into a browser plugin
  • automatically convert all pasted image URLs to data URLs so they get encrypted, too
    • Outlook inserts them as data URLs for us! Nothing to be done!
    • If other webmail clients upload and turn the images into magic URLs, that's pretty good, too.

About

πŸ” 0xeefe - easy encryption for everyone

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages