encryptor.app: The Ultimate Encryption App for Your Data

Text Verschluesselung

Imagine, I recently faced the challenge of sending all my passwords as part of my digital legacy. Being a technology and security aficionado, I was well aware that conventional messenger services hardly provide the necessary level of security anymore. So I thought to myself: “Why not encrypt the text before sending and protect my sensitive data from the prying eyes of unauthorized individuals?”

During my meticulous research, I came across numerous obscure websites touting password-based encryption. Honestly, I was skeptical. This was especially true in light of the recent debates over EU regulations and the covetous stares of interior ministries, who even try to intercept data on common messenger platforms. You can imagine that I did not want to entrust my confidential information to such questionable services. Currently, nothing seems secure.

Therefore, I did what was obvious: I programmed my own solution – simply, casually. Behold my creation: https://encryptor.app

The next day I sat determinedly at my desk and began writing my own encryption program. I was convinced that I could create a solution that would meet my high standards of security and data protection. It was a real challenge, but I am someone who confronts challenges head-on. A true hero in the world of bits and bytes – and I’ve been that way since I was 14.

After countless cups of coffee and several lines of PHP code, it was finally born: the platform “encryptor.app”. With this masterpiece, it is now possible to securely encrypt data and decrypt it only with the correct password. I was overjoyed with my work and relieved to have a reliable method finally to protect my confidential information.

You know, it was almost liberating to know that now people like “Max” can secure their private chats on platforms like WhatsApp. Instead of chatting openly about illicit activities, he can now send encrypted messages and order his weed via WhatsApp without constantly having to beg his dealer for a chocolate bar. This humorous twist shows that, based on my adventures as a mobile data analyst and court record investigator, I know all too well the explosive information floating around.

So I decided to offer the program for free from now on. A generous act of humility and largesse because, after all, it should be accessible to everyone. However, let it be noted that for this magnificent creation I cannot offer any support or liability. Yes, you heard right, DIY all the way! Anyone can request the script for their own server via email and have fun with it (please do not call!). The download link will follow shortly.

Regrettably, I cannot go into detail here about how the program is structured. That would be too much for this short post. But I hope these background insights have given you a glimpse into my thoughts and the development process behind “encryptor.app”. Oh, and not to forget, here is the little showstopper, the glorious encryption routine:

<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['text'], $_POST['password'])) {
    $text = $_POST['text'];
    $password = $_POST['password'];
    $cipher = 'aes-256-cbc';
    $ivlen = openssl_cipher_iv_length($cipher);
    $iv = openssl_random_pseudo_bytes($ivlen);
    $ciphertext_raw = openssl_encrypt($text, $cipher, $password, $options=OPENSSL_RAW_DATA, $iv);

    $hmac = hash_hmac('sha256', $ciphertext_raw, $password, $as_binary=true);

    $ciphertext = base64_encode($iv.$hmac.$ciphertext_raw);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Encrypt text - Result. Or as we might say, Text Encryptinator - Ta-da!</title>
    <link rel="stylesheet" href="style.css">
    <script>
        function copyToClipboard() {
            const el = document.createElement('textarea');
            el.value = document.getElementById("output").innerText;
            document.body.appendChild(el);
            el.select();
            document.execCommand('copy');
            document.body.removeChild(el);
            alert("Text has been copied to the clipboard!");
        }
    </script>
</head>
<body>
    <div class="container">
        <h1>Encrypted text</h1>
        <div id="output" class="output"><?php echo $ciphertext; ?></div>
        <button type="button" onclick="copyToClipboard()">Copy to clipboard</button>
<button type="button" onclick="location.href='index.php'" class="home-button">Home</button>
    </div>
</body>
</html>

The script is a simple implementation of a text encryption routine in PHP. It employs the AES-256-CBC encryption algorithm in conjunction with a randomly generated initialization vector (IV) and a Hash Message Authentication Code (HMAC) to ensure the integrity of the encrypted data.

The process and functionality of the script are as follows:

-First, it checks whether the script was called using the POST method and whether the required POST parameters “text” and “password” are set.
-The transmitted values for the text to be encrypted and the password are stored in the variables $text and $password.
-The encryption algorithm “aes-256-cbc” is selected, and the length of the initialization vector (IV) for this algorithm is determined.
-A randomly generated IV with the corresponding length is created using the function openssl_random_pseudo_bytes().
-The function openssl_encrypt() is called to encrypt the text using the chosen algorithm, the password, the IV, and options for raw data output. The result is the raw ciphertext $ciphertext_raw.
-To guarantee the integrity of the encrypted data, an HMAC (Hash Message Authentication Code) is created. This is done by applying the function hash_hmac() with the SHA-256 algorithm on the raw ciphertext, using the password as the key.
-The complete encrypted text is generated by concatenating the IV, the HMAC, and the raw ciphertext. This text is then encoded with base64_encode() to display it in a safe and printable format.
-In the HTML output, the encrypted text is shown in an element with the ID “output”.
-The “Copy to clipboard” button copies the encrypted text to the user’s clipboard.
-The “Home” button returns to the homepage.

Please note that the present script only illustrates the encryption process and not all details can be disclosed here. Interested individuals who appreciate the script and its functionality can request it free of charge via email. Now the question remains: how secure is this encryption?

The AES-256-CBC encryption algorithm is regarded in the professional community as extremely secure and reliable, provided it is implemented correctly and applied appropriately. Here, “AES” stands for Advanced Encryption Standard and the number “256” indicates the key length in bits.

The security of AES-256 is based on several factors, with key length being a crucial aspect. With a key length of 256 bits, there are 2^256 possible combinations available. This enormous key space makes it practically impossible to guess the key through brute-force attacks. The sheer number of potential keys thus offers a high degree of cryptographic security.

Another important aspect is the block cipher mode used. In the case of AES-256-CBC, the Cipher Block Chaining (CBC) mode is employed. This mode links each plaintext block with the previous ciphertext block to provide an additional layer of security. However, it must be noted that the correct use of an initialization vector (IV) is essential to avoid vulnerabilities. Assuming a proper implementation, CBC proves to be a robust mode.

AES-256 has undergone extensive cryptanalytic evaluations and, so far, no practical attacks have been found. The algorithm has proven resilient against various cryptanalytic techniques, including differential and linear cryptanalysis, key reuse, as well as meet-in-the-middle attacks.

It is important to emphasize, however, that the security of AES-256 does not depend solely on the strength of the algorithm but also on a secure implementation and system management. Insecure implementations, side-channel attacks, or poor key management can create vulnerabilities. Therefore, careful handling during implementation, regular updates, and adherence to proven security practices are crucial.

In summary, the AES-256-CBC encryption algorithm is considered secure and robust. The generous key length, the use of CBC mode, and the absence of practical attacks make AES-256 a suitable choice for secure encryption applications. Nonetheless, following established security practices is essential to ensure optimal protection.

It should be noted that a long, well-thought-out password is of great importance! Because the best encryption is only as secure as the password used.

And now, my friends, happy encrypting!

And guess what? I have even more exciting news for you! A version 2 is already in the planning stages, and you can look forward to new and improved features. But that is not all! An app for iPhone and Android is also in the works, so soon you will be able to encrypt safely and conveniently on the go. And the best part? These versions will also be available free of charge! So keep your eyes peeled and be excited about the upcoming updates. There is still so much more to discover.

And to my esteemed encryption aficionados, who always act all-knowing, here’s a little tip: Nothing is truly unbreakable! Even EncroChat was cracked, and anyone who exchanges intimate details about their amorous preferences with their loved one via chat should, at worst, keep in mind that individuals like me – who roam in the shady realms of data analysis – might one day stumble upon your smartphone data. So encrypt your messages and make sure your secrets do not inadvertently fall into the wrong hands! Happy Encrypting! xD

Smartphones that we cannot crack ourselves often end up in the clutches of an Israeli company known for its ability to bypass iPhone security. This company is called Cellebrite. Cellebrite develops forensic tools and mobile data extraction solutions that enable access to locked or encrypted devices and data extraction. They then present the content in a processed and appealing manner.