cryp.html

Your private, offline encryption vault

Drag & drop a file here, or click to select

How This Works 🧐

cryp.html is a self-contained cryptographic tool that runs entirely within your web browser. Nothing you upload or type ever leaves your computer. All processing happens locally on your device.

The Core Process

Key Generation: When you enter a passphrase, it's not used directly as the encryption key. Instead, it's fed into a sophisticated algorithm called PBKDF2. This algorithm processes your passphrase with a unique, random value (a "salt") over 5 million times. The result is a robust 256-bit encryption key. This intensive process makes it extremely difficult for attackers to guess your passphrase, even if they have the encrypted file.

Encryption: Your file, along with its original name and type, is then encrypted using AES-GCM, a modern, highly secure, and widely trusted encryption standard. A unique Initialization Vector (IV) is generated for each encryption to ensure that encrypting the same file twice with the same passphrase results in a different output file.

Packaging: The final .cryp file is a secure package containing the salt, the IV, and your encrypted data. The tool adds a small header to identify it as a cryp.html file so it knows how to open it again.

Decryption is simply this process in reverse. The tool reads the salt from the file, re-derives the same key using your passphrase, and uses that key and the IV to unlock the original data.

⚠️ Risks & Best Practices

Run It Offline: The biggest risk is using this tool from a website. A malicious server could alter the code to steal your passphrase. Always download cryp.html and run it from your local computer (double-click the file to open it in your browser). The URL in your browser bar should start with file:///.

Strong Passphrases Are Key: Your security is only as strong as your passphrase. A weak passphrase (like "password123") can be guessed. Use the built-in generator or create a long, unique passphrase that is hard for others to guess but easy for you to remember.

No Recovery: If you forget your passphrase, your data is permanently and irreversibly lost. There is no "Forgot Passphrase" option because nobody, not even the creator of this tool, can access your data. Store your passphrase securely and separately from the encrypted file.

Browser Security: Keep your web browser and operating system up-to-date to protect against vulnerabilities. Be cautious about the browser extensions you install, as malicious ones could potentially interfere with this page and compromise your security.

Security Notice

cryp.html

Decryption Successful!

How This Works 🧐

The Core Process

⚠️ Risks & Best Practices

Enter Passphrase