Send end-to-end encrypted messages with hybrid encryption. Each message is encrypted with a unique AES-256-GCM key, which is then encrypted with the recipient's RSA-2048 public key. All encryption happens on your device before sending.
Simple interface to send and receive e2ee Messages
GitHub login provides your identity. You create a separate encryption password that never leaves your browser. This password encrypts your private key before storage, enabling multi-device access while keeping the server unable to decrypt anything.
- Messages encrypted client-side with AES-256-GCM
- Unique AES key per message, encrypted with RSA-2048-OAEP
- Encryption password never sent to server
- Private keys protected with PBKDF2 + AES-256-GCM
- Server cannot read messages or decrypt keys
Limitations
This implementation uses static RSA, which means it does not provide forward secrecy. If your private key is compromised, all past messages can be decrypted.
Web-based e2ee has inherent risks. You must trust that the server delivers clean JavaScript, your browser environment is secure, and your device hasn't been compromised.
Loading...