Secure and very easy to use local encryption to send data anywhere (browser ui)
Make it super easy to locally encrypt sensible data for designated recipients ensuring privacy, integrity and compliance on whatever way the data is transported. Keys should be considered throw away material and not be reused often in order to render the transported cryptograms useless, even if they are retained in e.g. mailboxes.
See it in action and test it at whisper.syncorix.com. Use at your own risk according to LICENSE.
This is quite simple: Whisper! uses asymmetric cryptography and
the Web Crypto API to create two keys. One can be used for encryption and the other for decryption. The latter should not leave your browser's local storage. To exchange sensitive data the following steps are executed:
- The recipients send their public key parts to the sender and use whatever communication channel they see fit.
- The sender uses the key parts of all intended recipients, encrypts the data locally in the browser and sends the resulting cryptogram to the recipients.
- The recipients decrypt the cryptogram locally in their browser and save the sensitive data. They may throw away their keys rendering the cryptogram useless.
Thus the sensitive data never leaves the senders' and recipients' devices.
Drop recipients' keys and some sensitive data, then locally and download cryptograms:
Drop encrypted stuff you received, then decrypt locally and download result:
- Easy to use and portable across major browsers
- Completely local, you can disconnect internet after the page is loaded
- A keypair is automatically generated locally and stored in the browser's IndexedDB
- The private key is created with
{ extractable: false }and cannot be exported by the application. - The public part of the keypair can be copied and distributed to those who want to send you sensitive data
- The private part remains local and is the only way to decrypt data addressed to you
- Pretty secure algorithms like ECDH-ES, P-256 for key pair, ECDH-ES+A256KW for key wrapping and A256GCM for content encryption
- Use the hosted version (the good stuff happens locally anyway) or self host and modify it
- TODO: continue
- Get a branded, maintained and supported installation for your organization and its partners
- Access to advanced quantum-resistant cyphers
- Hosted either by Syncorix GmbH as SaaS or on your infrastructure
- Syncronization of public keys within your org and their partner (no need to send them separately)
- Synchronization of the created cryptograms to the designated recepients (no need to send them separately)
- OAuth2 / OIDC login with your IDP or e-mail accounts of your org
- optional audit / usage log
- support with your compliance frameworks and certifications
- TODO: continue
- plain HTML, CSS
- Typescript
some magnificent and lightweight libraries
- jose library
- Pure
- Iconify and Material Design Icons
- Alpine for client side magic
Use Bun to run build script that compiles icons
bun run ./build/build-iconify.tsUse Bun for on the fly typescript compilation
bun build src/index.html --watch --outdir localand a tool of your choice serving the app
python3 -m http.server 8080 -d localPlease note that usually
bun src/index.htmlshould do the same but it compiled the jose lib without support for kty: 'EC for some reason.
A couple of functional UI tests across major browser engine is included in tests/. To execute locally use one of the follwoing:
bun playwright test --uibun playwright test --project='dev*'bun playwright test --project='<te|qa|live>*'bun playwright testSee test config for complete list of projects to execute and Playwright for doc