https://github.com/geraintluff/protect
Password-protect files (Balloon hash + AES-GCM), with offline encode/decode
https://github.com/geraintluff/protect
Last synced: 10 months ago
JSON representation
Password-protect files (Balloon hash + AES-GCM), with offline encode/decode
- Host: GitHub
- URL: https://github.com/geraintluff/protect
- Owner: geraintluff
- License: mit
- Created: 2024-07-10T09:53:30.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-09-20T08:01:49.000Z (over 1 year ago)
- Last Synced: 2025-01-28T21:18:19.681Z (over 1 year ago)
- Language: JavaScript
- Homepage: https://geraintluff.github.io/protect/
- Size: 70.3 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE.txt
- Support: SUPPORT.txt
Awesome Lists containing this project
README
# Protect:
Encrypt (multiple) files in-browser, using Balloon hashing to generate a key for AES-GCM. The results can be downloaded as self-contained HTML files.
Neither the encryption nor the resulting HTML send anything over the network, and can be used offline as local files. Video/audio/images and text files are displayed in the browser once decrypted, so you don't have to download a copy to view them.
The `Makefile` generates the minified JS and self-contained (single-file) encoder versions.
## Encryption
The balloon hash uses a custom SHA-256 implementation (tested against a reference), rather than the `crypto.subtle` one, because the Promise-based interface of that add a delay to each hash. The AES encryption is done with `crypto.subtle` though.
The balloon hash makes it slower to brute-force a bunch of passwords
## Why?
Sometimes I want to keep an offline/remote copy of important info (tax/ID stuff, recovery codes, etc.) and it's reassuring to have an extra layer of protection when if it's sitting somewhere less secure (like my Documents folder).
And also because it's fun.
## License & support
[MIT License](LICENSE.txt), [SUPPORT.txt](SUPPORT.txt)