If you want to write me a private email message, you can do that here by
entering some text in the upper window (or alternatively copying it into).
Then press the "Encrypt" button and it will be enciphered securely (using the
Cramer Shoup Cryptosystem, see below) and translated to base64 format, which
you can include as ordinary text in an email.
...everybody can encrypt, but nobody but me can decrypt. That's what a public
key algorithm is all about. The 'decrypt' button will not produce anything
reasonable, for I removed my secret key from the sources. The key has
a 2014 bit prime modulus, which is pretty good.
For I computed the prime moduli and implemented both key-generation and
crypto algorithm myself, this is as trustworthy as it can get.
The Cramer Shoup Cryptosystem
... is a quite recent, practicable and provably secure (in some sense and
under some reasonable assumptions). Please read more about it on
are only three small files:
You are welcome to copy and customize them.
- crypter.html (this html page, hold
down shift an click in order to save to file)
- Crypter.java (the
Java applet with panel)
(the implementation of the crypto algorithm containing the public key)
How 'secure' is this...?
Be not deceived. Absolute security is not feasible in public key
encryption. But even if the problem was not the "inherent guessability" of the
secret key, there are a lot of questions beyond that:
Though the answer to most of the above would with all likelyhood be
this is no reason to be paranoid. After all - how much pain would someone
undergo just to read your email or your files? But I believe it is important
that just some nice and advanced math does not get rid of these problems.
- How secure is the software you are using? Could it do something
complete unintended and undetected (e.g. automatically email the file
you just decrypted, to some interested listener)?
- How secure is the operating system you are using?
Has somebody the right
to access your files or your memory (or could acquire this right)? Does
it produce 'junk' like ~.tmp files, auto-save files or core dumps, that
can be used to figure out what you have been writing in first place?
(If you think this is far fetched, feel free to read about a real
Moby Hack nobody
noticed until the author revealed it)
- How secure is the hardware you are using? Could somebody
physically 'steal' your secret key? Or just trace the signal connected
to your screen?
- How secure is the environment you are in? Could somebody
optically monitor the screen, the keyboard or... you?
The only thing, this small Applet can do, is offering a partial
remedy to the first concern.
You still have to trust Java and your favorite browser not to do something
unintended with your data. But you can check the code, for it is
small (and this is not the case for open source software like PGP). And
you can read the paper and convince yourself of the correctness.
It is hard to offer anything better here.
They were computed on a separate hardware with a allegro common lisp
program. Trusting the bignum routines there and also some advanced prime
number algorithms, I believe they are 'correct' ,i.e. the generators are
really suchlike (which is asserted by falsifying all other possilbe orders)
and the prime moduli are really prime (which is corroborated by a
Millner-Rabin pseudo-primality test).
If you belive, anybody could comfortably compute the discrete logarithm from
a 2014 bit number, you can also use a 5020 bit
key, but be warned that this can last some hours.
Why is it so slooooooow?
The cryptographic algorithm has to deal with long integers (some 2000
bits). And after all, Java is an interpreted language. It might take up to
some minutes to encrypt (or decrypt) a text. The best (and only) thing to to
is to start an encryption and then just do something else.
Please note that the computation time is not a linear increasing
function of the input length, due to the fixed prime modulus. Everything below
250 Characters will take about the same time, then everything below 500
characters twice this time and so on.
Things to do
You might have noticed some obvious extentions to this applet.
I cannot promise to do any of the above soon, for I am really busy with
- Build some form that does the sending of the email automatically, so
you do not have to copy/paste the output area
- Enable other secret/public key pairs (e.g. by menue bar)
- Provide a key generation method
- Provide a generator for the big prime modulus
- Since it is a randomized encryption, add some random seed generator
(at the moment I just use the one Java provides; my claim is that this
does not really compromise security)
So far none. But please email me, if you detect some (even if they do not
compromise the security).
Last modified: Wed Nov 17 14:39:50 1999