Encrypt Message
Your text will be encrypted in your browser. It never touches our servers.
How Text Encryption Works
Your message is encrypted entirely in your browser using the Web Crypto API. It never touches our servers. Here's exactly what happens when you click "Encrypt Message":
Generate Unique Salt
Your browser generates a random 16-byte salt using crypto.getRandomValues().
This ensures identical messages with the same password produce different encrypted outputs.
Derive Encryption Key
Your password is transformed into a 256-bit encryption key using PBKDF2-SHA-256 with 100,000 iterations. This takes about 100 milliseconds - enough to make brute-force attacks impractical, but fast enough you won't notice.
Encrypt with AES-256-GCM
Your message is encrypted using AES-256-GCM (Galois/Counter Mode). A random 12-byte IV (initialization vector) is generated, and an authentication tag is computed. GCM mode provides both encryption and tamper detection.
Output Base64-Encoded Text
The final encrypted data (salt + IV + ciphertext + auth tag) is Base64-encoded into a text string. Safe to copy, paste, and send via any channel - email, messenger, SMS, cloud storage.
Zero-Knowledge Architecture: Your message never leaves your browser. The encryption happens in JavaScript using the Web Crypto API. We don't see your plaintext, your password, or your encrypted output. The server only delivers static HTML/CSS/JS - no backend processing.
Technical Specifications
No custom crypto. No reinvented wheels. Just battle-tested, NIST-approved algorithms implemented using browser-native APIs. Built by George A. Rauscher, forensic expert with 25+ years experience.