AES*xxTEA demo

This page is a demo of double encryption using xxTEA after AES. Code is based on Stanford Javascript Crypto Library and xxTEA implementation by Chris Veness. The later was modified to overcome known attacks. For my comfort and safety it was installed to load from my own server.
To get started, just type in a password in the first (green) pane and a secret message in the second (red) pane, then click "encrypt". Encryption takes place in your browser only. AES encrypted result will be subsequently encrypted by xxTEA. - SJCL has lots of other options for AES. Unhide to show more functionality in the grey boxes or eventually store ciphertext to just send link rather than message. w@ndri.st

Password

Password:

Choose a strong, random password.

Plaintext

Secret message:

This message will be encrypted, so that nobody can read it or change it without your password.

Ciphertext AES * xxTEA

Ciphertext AES

Above your message, encrypted and authenticated by aes so that nobody can read it or change it without your password.
Below your aes message further encrypted by xxTea. Share this one if you prefere double encryption.

Ciphertext xxTEA

Key Derivation for AES

Salt: random

Use fresh random salt for each new password

Salt adds more variability to your key, and prevents attackers from using rainbow tables to attack it.

Strengthen by a factor of:

Strengthening makes it slower to compute the key corresponding to your password. This makes it take much longer for an attacker to guess it.

Key size: 128 192 256

128 bits should be secure enough, but you can generate a longer key if you wish.

Key: Pbdkf password

This key is computed from your password, salt and strengthening factor. It will be used internally by the AES cipher. Instead of using a password, you can enter a key here directly. If you do, it should be 32, 48 or 64 hexadecimal digits (128, 192 or 256 bits). - xxTEA plaintext will be encrypted using SHA-256 of 'salt'+'Password'.

File Management

File encoding to Base64 FileToBase64
Base64ToFile

Follow the links to convert file to text (and vice versa) prior en/decription.

Tools box

SHA-256calc SHA-256 Hex
SHA-256 Bits

SJCL helps to hash or to convert various encodings.

Cipher Parameters for AES

SJCL encrypts your data with the AES block cipher.

Cipher mode: CCM OCB2

The cipher mode is a standard for how to use AES and other algorithms to encrypt and authenticate your message. OCB2 mode is slightly faster and has more features, but CCM mode has wider support because it is not patented.

Initialization vector: random

Choose a new random IV for every message.

The IV needs to be different for every message you send. It adds randomness to your message, so that the same message will look different each time you send it.

Be careful: CCM mode doesn't use the whole IV, so changing just part of it isn't enough.

Authentication strength: 64 96 128

SJCL adds a an authentication tag to your message to make sure nobody changes it. The longer the authentication tag, the harder it is for somebody to change your encrypted message without you noticing. 64 bits is probably enough.

Send the parameters and authenticated data along with the message.

These parameters are required to decrypt your message later. If the person you're sending the message to knows them, you don't need to send them so your message will be shorter.

Default parameters won't be sent. Your password won't be sent, either. The salt and iv will be encoded in base64 instead of hex, so they'll look different from what's in the box. Here you will find them in HEX.

MAKE SURE the receiver of the encrypted message gets to know the two values:

AES * xxTEA encryption demo