this post was submitted on 28 Jun 2025
1 points (100.0% liked)

Programming

21200 readers
30 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 2 years ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz
UlrikHD@programming.dev
1
V2 of my Anonymous, Private, Encrypted text/URL tool, with crazy strong encryption. (programming.dev)
submitted 1 day ago by RommieDroid@programming.dev to c/programming@programming.dev
0 comments fedilink hide all child comments
 

~Update~

You can now encrypt plain text, so anything you want. With this, you can send sensitive information over insecure channels or share publicly with real plausible deniability. (below 2000 characters works without issue)

~Changes~

I rebuilt the system with a different encryption design, and address many of the flaws pointed out in V1.

I really wanted any password to always decrypt so you never know if you are right. I found the XOR algorithm that does this, but there is an entropy problem, where an incorrect password will almost always output non-common characters, I attempted to solve this at its core by diving into the math and some research papers but got nowhere, as it seemed to be almost impossible.

I tried finding an algorithm that would give me perfect plausible deniability, so if you shared a link X with a password you could use a different password and get Y, saying you never intended to share X. It doesn't exist 😢 I came up with a workaround by adding decoys which are mutable XOR ciphers joined, it allows you to set what other data is included, so you can tailor your alibi.

Here is the demo link. There are three memes you can find

Password: test1, test2, test3

~Safety~

It should be safe to share data encrypted with this method, I did some basic brute force tests and did not find any shortcuts, I have a rough estimate of a billion years on a server farm for a 12digit password.

~Considerations~

@calcopiritus@lemmy.world said:

"There’s 2 secrets here: the link and the password. And to share it with someone you need to share 2 secrets: the locked link and the password."

A strong password is almost impossible to crack, but you can use a popular text link tool like pastebin with expiry to mask the encrypted data. As for eliminating the password, I have considered using the site as the 'shared secret' so you share just the cipher, and if you know the URL you can paste it in, and it would be encrypted/decrypted with a derived key the site stored.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here