Giter VIP home page Giter VIP logo

cryption's Introduction

Cryption

In-Browser AES File Encryption with Data Integrity Check

Website


Introduction

Cryption is an open-source tool that encrypts and decrypts your data in the browser.

It does not upload data to any cloud.

It checks the file integrity, making it impossible to manipulate data without the correct password.

You can also give hints in order to remeber your password.

If you want to, you could download Cryption and use it fully functional offline on your computer.

Usage

Usage Information

To use Cryption as it was intentioned, I advice you to use Firefox. Both Chrome and Safari will crash when files get big (>25 MB), while Firefox managed to encrypt and decrypt files larger then 100 MB. It was also the fastest, but nonetheless, every browser should work

If you want to upload a directory, consider zipping it before uploading, since JavaScript cannot handle directory uploads. You can, however, upload multiple files, which Cryption then bundles to a zip-archive automatically.

Prerequisites

Installation

# Clone the repository (stable branch)
git clone -b master https://github.com/lagmoellertim/cryption.git cryption

#Change Directory
cd cryption

# Install npm packages
npm install

# Start a local server
npm start

Build

# Clone the repository (stable branch)
git clone -b master https://github.com/lagmoellertim/cryption.git cryption

#Change Directory
cd cryption

# Install npm packages
npm install

# Build the app 
npm run-script build

Use on local machine without internet

Download the latest build.zip file from the Cryption releases.

After unzipping it, you can just open the index.html file with your browser, no need to put it on a server!

Contributing

If you are missing a feature or have new idea, go for it! That is what open-source is for!

Author

Tim-Luca Lagmöller (@lagmoellertim)

Donations / Sponsors

I'm part of the official GitHub Sponsors program where you can support me on a monthly basis.

GitHub Sponsors

You can also contribute by buying me a coffee (this is a one-time donation).

Ko-Fi Sponsors

Thank you for your support!

License

MIT License

Copyright © 2019-present, Tim-Luca Lagmöller

Have fun 🎉

cryption's People

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar

cryption's Issues

[SECURITY] Replace CryptoJS with the WebCrypto API

Describe the security flaw
CryptoJS is outdated and not using the newest tech available.

How does this security flaw affect the software
Better security and faster encryption/decryption

Describe possible solutions
Replace CryptoJS with the WebCrypto API and use AES-GCM together with PBKDF2

[FEATURE] Code Documentation / Coverage

Is your feature request related to a problem? Please describe.
By adding documentation, testing and enhancing the software will be much easier. Also, developers could use it to know what code is doing what.

Describe the solution you'd like
Documentation / Full Coverage

[SECURITY] Use zxcvbn for Password Strength Check

Describe the security flaw
Currently, Cryption is using a regex based Password Strength Check Algorithm. This, however, is not optimal, since it does not take password lists or known insecure passwords like "test1234" in account.

Possible Solution
The library "zxcvbn" should fix those problems.

[SECURITY] Reduce Dependencies

Describe the security flaw
Remove unwanted Dependencies to have more control over the code. Also use only well-known and proven libraries

How does this security flaw affect the software
More control over the code

Describe possible solutions
Remove unwanted Dependencies

[FEATURE] Rephrase text in “upload” area

The area displays the text “Click or drag file to this area to upload” and “Support for a single or bulk upload” In both cases, I understand a file is going to be uploaded to a server.

IMHO, this contradicts – or at least creates confusion with – the introductionary text stating “your Data is encrypted and decrypted securely in your browser”.

Only in the README file at Github it explicitely says “It does not upload data to any cloud”.

I suggest to use a different wording for “upload”, e.g. “encrypt”:

Click here or drag a file to this area to encrypt.
You can select or drag multiple files for batch encryption.
(Your data won’t leave your browser.)

(I also modified the English a bit, but of course that’s out of scope of this issue.)

Avoiding the word “upload” (or synonyms) would communicate it clearly that there is in fact no upload taking place.

As further suggestion, I added a sentence in brackets explicitely stating the data is not uploaded anywhere.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.