Web Browser Based File Encryption / Decryption

Use your web browser to encrypt and decrypt files.


Encrypt a File

To encrypt a file, enter a password and drop the file to be encrypted into the dropzone below. The file will then be encrypted using the password, then you'll be given an opportunity to save the encrypted file to your system.

Password
(minumum length eight characters, make sure it strong!)
Password (retype)

Drag and drop the file to be encrypted into this dropzone, or click here to select file.


Usage

Use this web page to encrypt a file using a password, then use the same password later to decrypt the file. IMPORTANT: The same password that was used to encrypt the file must be used to decrypt the file later. If you loose or forget the password, it cannot be recovered!

Operation and privacy

This page uses javascript running within your web browser to encrypt and decrypt files client-side, in-browser. This page makes no network connections during this process, to ensure that your files and keys never leave the web browser during the process. This can be independently verified by reviewing the source code for this page, or by monitoring your web browser's networking activity during operation of this page. This page can also be downloaded and run locally on your system offline.

Cryptography

All client-side cryptography is implemented using the Web Crypto API. Files are encrypted using AES-CBC 256-bit symmetric encryption. The encryption key is derived from the password and a random salt using PBKDF2 derivation with 10000 iterations of SHA256 hashing.

Compatibility with openssl

The encryption used by this page is compatible with openssl.

Files encrypted using this page can be decrypted using openssl using the following command:
openssl aes-256-cbc -d -salt -pbkdf2 -iter 10000 -in encryptedfilename -out plaintextfilename

Files encrypted using the following openssl command can be decrypted using this page:
openssl aes-256-cbc -e -salt -pbkdf2 -iter 10000 -in plaintextfilename -out encryptedfilename

Running this page offline

This web page is self-contained. The page does not require any supporting files; all javascript and css for this page is contained in the source code of this page. To run this page locally on your system offline, simply save this page to your system as a .html file, then open the file from your system in your web browser (optionally with networking disabled).

Verifying the integrity of this page

The expected SHA256 checksum hash of the .html file containing this page is posted at https://github.com/meixler/web-browser-based-file-encryption-decryption. If loading this page from a web server, you can verify that the checksum hash of the .html file downloaded from the web server matches the expected checksum hash using the Page Integrity browser extension. If running this page offline, it is recommended that you verify that the checksum hash of the .html file matches the expected checksum hash before opening the file in your web browser.

License

This project is licensed under the GPL-3.0 open source license.

GitHub

This project can be found on GitHub at https://github.com/meixler/web-browser-based-file-encryption-decryption.

Contact

Please contact MTI for any questions or comments concerning this project.