How Secrets works

Secrets is like a normal e-mail application: you may compose, store and send messages. The main difference is that messages in Secrets are always encrypted. The only way to decrypt a message in Secrets is to enter the correct password.

Neither the password nor the cleartext message is saved in the database.
The password should be communicated to the receiver by other means, such as voice, SMS or instant message.

The encrypted message is stored in the Secrets database. There is no way to decrypt a message other than entering the correct password. Decryption happens in the client's browser.
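The password-only model described above, shown with the browser's Web Crypto API as an added example that is not Secrets' own code. The page does not name its algorithms, so PBKDF2-HMAC-SHA256, AES-GCM, the iteration count, the stored layout and all function names here are assumptions.

```javascript
// Added example: PBKDF2 and AES-GCM are assumptions; the page names no algorithms.
const webCrypto = globalThis.crypto ?? require('node:crypto').webcrypto; // fallback for older Node
const enc = new TextEncoder();
const dec = new TextDecoder();

const toB64 = (bytes) => btoa(String.fromCharCode(...bytes));
const fromB64 = (text) => Uint8Array.from(atob(text), (c) => c.charCodeAt(0));

// Derive a 256-bit AES key from the password; the salt is random per message.
async function deriveKey(password, salt) {
  const material = await webCrypto.subtle.importKey(
    'raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);
  return webCrypto.subtle.deriveKey(
    { name: 'PBKDF2', salt, iterations: 600000, hash: 'SHA-256' },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Returns the Base64 text a server would store: salt(16) | iv(12) | ciphertext+tag.
// Neither the password nor the plaintext is part of that value.
async function encryptMessage(password, plaintext) {
  const salt = webCrypto.getRandomValues(new Uint8Array(16));
  const iv = webCrypto.getRandomValues(new Uint8Array(12));
  const key = await deriveKey(password, salt);
  const ct = new Uint8Array(await webCrypto.subtle.encrypt(
    { name: 'AES-GCM', iv }, key, enc.encode(plaintext)));
  const blob = new Uint8Array(salt.length + iv.length + ct.length);
  blob.set(salt, 0);
  blob.set(iv, 16);
  blob.set(ct, 28);
  return toB64(blob);
}

// Returns the plaintext, or null when the password is wrong or the blob was altered.
async function decryptMessage(password, stored) {
  const blob = fromB64(stored);
  if (blob.length < 16 + 12 + 16) return null; // too short to hold salt, IV and tag
  const key = await deriveKey(password, blob.slice(0, 16));
  try {
    const pt = await webCrypto.subtle.decrypt(
      { name: 'AES-GCM', iv: blob.slice(16, 28) }, key, blob.slice(28));
    return dec.decode(pt);
  } catch {
    return null; // authentication tag mismatch
  }
}
```

Because the mode is authenticated, a wrong password produces a clean failure instead of garbage text, and any modification of the stored value is detected at decryption time.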

How the message is encrypted

Secrets uses common, standard encryption algorithms to encrypt a message. Here is how it works:

How the message is decrypted

Since Secrets does not store the cleartext message or the password, decryption takes place when the user presses the "Decrypt" button while viewing the message. The strange text that appears in the message text area is the Base64 representation of the encrypted text. So, when the user presses "Decrypt", here is what happens: