CryptoData

about :: screenshots :: examples :: cipher :: privacy policy :: support ::
Easily and quickly to encrypt / decrypt.
For users: private messages via e-mail, blogs, social networks, forums, etc.
For webmasters: websites protected pages without the need to use a secure protocol (pages, images, photos, etc.)

Support: Firefox, Thunderbird, SeaMonkey, Google Chrome

Mozilla Firefox, Thunderbird, SeaMonkey: https://addons.mozilla.org/addon/crypto-data/
Google Chrome: https://chrome.google.com/webstore/detail/cryptodata/kddnbgkpmoimjnndiafmlacadfghkjjh

This addon allows you to encrypt and decrypt the text: selected or manually entered text, as well as whole site
The encryption process is based on the US military standard Advanced Encryption Standard (AES)
https://en.wikipedia.org/wiki/Advanced_Encryption_Standard

JavaScript implementation (AES CTR) belongs to Chris Veness: http://www.movable-type.co.uk/scripts/aes.html

All encryption and decryption is performed only on the client side without the involvement of external resources or Web services.
Examples encrypting the selected portion of text and web-site

  • For users:
    Simply select the plain or encrypted text in your web browser, open the context menu by clicking the right mouse button, and you can easily encrypt or decrypt any text.
    There is also a possibility of automatic decryption.

    New feature in CryptoData:
    Now there is crypto-notepad ( CryptoPad ) in which you can save your personal records. By default notepad file is stored in the user preferences directory in s3crypt_notepad.sqlite file, but you can specify the location, name and file type where and how you want.

  • For webmasters:
    With this extension you can encrypt any content on the server, e.g. html, javascript or images
    Even if website uses a secure HTTPS-connection and access to his page requires HTTP-authentication, it does not mean that you are fully protected!
    There are many ways to steal your information, for example by using a proxy, sniffer or Trojan horse program (eg such as Zeus)
    But when you use addon CryptoData attacker could only get a set of useless characters!

    For convenience webmasters CryptoData sends cookie s3crypt_site_enable = true to the encrypted site. Thus, the site can recognize that the client has CryptoData and it can get the encrypted content.

    An example of the implementation of the encryption algorithm on the server side:

    • PHP (aes-ctr)
      http://www.movable-type.co.uk/scripts/aes-php.html

    • PERL (aes-ctr)
      http://search.cpan.org/perldoc?Crypt%3A%3AAES%3A%3ACTR
      #!/usr/bin/perl -w
      use strict;
      use Crypt::AES::CTR;
      use Digest::MD5 qw(md5_hex);
      
      print "Content-Type: text/html; charset=utf-8\r\n";
      print "Cache-Control: no-store, no-cache, must-revalidate\r\n";
      print "Pragma: no-cache\r\n\r\n";
      
      my $key = 's3blogtest';
      my $text = 'Hello World!';
      my $crypt_text = Crypt::AES::CTR::encrypt($text, $key, 256);
      
      my $md5 = substr(md5_hex($text), 0, 4);
      $md5 = uc($md5);
      
      print 'S3CRYPT:BEGIN:AESCTR:' . $md5 . ':' . $crypt_text . ':END';
      exit 0;
      

    • PERL (rc4)
      http://search.cpan.org/perldoc?Crypt%3A%3ARC4
      #!/usr/bin/perl -w
      use strict;
      use Crypt::RC4;
      use Digest::MD5 qw(md5_hex);
      use MIME::Base64;
      use Encode qw(encode_utf8);
      
      print "Content-Type: text/html; charset=utf-8\r\n";
      print "Cache-Control: no-store, no-cache, must-revalidate\r\n";
      print "Pragma: no-cache\r\n\r\n";
      
      my $key = 's3blogtest';
      my $text = 'Hello World!';
      my $rc4 = Crypt::RC4->new( $key );
      my $crypt_text = MIME::Base64::encode($rc4->RC4(MIME::Base64::encode(encode_utf8($text))));
      
      my $md5 = substr(md5_hex($text), 0, 4);
      $md5 = uc($md5);
      
      print 'S3CRYPT:BEGIN:RC4:' . $md5 . ':' . $crypt_text . ':END';
      exit 0;
      

Donate:
CryptoData is Free Software: please, if you like it, you can support its progress through PayPal.