Client-Side Encryption for Messages and Files up to 2GB
Built with forensic-grade security by George A. Rauscher (25+ years IT security experience)
Live Demo: https://encryptor.app
- AES-256-GCM (military-grade encryption)
- All processing happens in your browser
- No data ever touches our servers
- No registration, no tracking, no logs
- Drag & drop interface
- Handles large files efficiently
- Encrypted files include password hint
- Original filename preserved in metadata
- Quick message encryption
- Copy encrypted text with one click
- Perfect for secure communications
- No character limits
- PBKDF2 key derivation (100,000 iterations)
- Random salt for each encryption
- Authentication tags prevent tampering
- SHA-256 fingerprints for verification
- Quantum-resistant password generation (24 chars, ~158 bits entropy)
- Pure client-side JavaScript (Web Crypto API)
- Progressive Web App ready
- Works offline after first load
- No dependencies, no tracking
Visit encryptor.app and start encrypting immediately.
git clone https://github.com/georgerauscher/encryptor-app.git
cd encryptor.appOpen index.html in any modern browser. That's it! No build process required.
- Key Derivation: Your password is processed through PBKDF2 (100,000 iterations)
- Random Salt: A unique salt is generated for each encryption
- AES-256-GCM: Military-grade encryption with authentication
- Metadata: Original filename and fingerprints are embedded
- Download: Encrypted file downloads automatically (.encrypted extension)
- Upload: Select your encrypted file
- Password: Enter the password used for encryption
- Verification: Authentication tag ensures file wasn't tampered with
- Restore: Original file is restored with correct filename
Client-Side Only
- All encryption happens in your browser
- No server-side processing
- No data transmission
- No logs, no tracking
Strong Cryptography
- AES-256-GCM (NIST approved)
- PBKDF2 with 100,000 iterations
- Random salt per encryption
- Authentication tags (AEAD)
- Quantum-resistant passwords: 24 characters, 94-character charset (~158 bits entropy, ~79 bits post-quantum)
No Dependencies
- Uses native Web Crypto API
- No external libraries
- No tracking scripts
- Lucide icons hosted locally (zero CDN, 100% privacy)
Privacy by Design
- No registration required
- No email collection
- No cookies
- No analytics
Business Communications Send confidential documents securely without enterprise email systems.
Healthcare Professionals Share patient data while maintaining GDPR/HIPAA compliance.
Developers Protect API keys, credentials, and sensitive configuration files.
Privacy Advocates Communicate without trusting third-party services.
Personal Security Encrypt personal documents before cloud storage.
- Algorithm: AES-256-GCM (Authenticated Encryption)
- Key Derivation: PBKDF2-SHA-256
- Iterations: 100,000 (OWASP recommended minimum)
- Salt: 16 bytes (cryptographically random)
- IV: 12 bytes (cryptographically random)
- Tag: 128 bits (authentication)
- Chrome 80+
- Firefox 75+
- Safari 14+
- Edge 80+
- Any browser with Web Crypto API support
- Maximum: 2GB per file
- Recommended: Up to 500MB for best performance
- Large Files: 500MB-2GB (may take longer on slower devices)
Encrypted files use this structure:
[Magic Bytes: "ENC1"]
[Salt: 16 bytes]
[IV: 12 bytes]
[Hint Length: 2 bytes]
[Hint: UTF-8 string]
[Filename Length: 2 bytes]
[Filename: UTF-8 string]
[Fingerprint Length: 2 bytes]
[Fingerprint: UTF-8 string]
[Encrypted Data + Auth Tag]
This format ensures:
- Version compatibility
- Tamper detection
- Metadata preservation
- Cross-platform support
Built by: George A. Rauscher
Company: intelligent piXel GmbH
International Institute of Forensic Expertise (IIFE)
Location: Starnberg, Germany
Experience: 25+ years in IT security and digital forensics
If you use this project, please keep the footer attribution intact. It helps others discover this tool and supports continued development.
MIT License - See LICENSE file for details.
Copyright (c) 2025 George A. Rauscher intelligent piXel GmbH International Institute of Forensic Expertise (IIFE)
Found a bug or have a feature request? Please open an issue on GitHub.
Security vulnerabilities: Please report privately to george@rauscher.xyz
This application is GDPR compliant by design:
- No personal data collection
- No cookies
- No tracking
- No server-side processing
- All data stays in your browser
Lucide icons hosted locally (zero CDN, 100% privacy)
Responsible Party:
George A. Rauscher
intelligent piXel GmbH
International Institute of Forensic Expertise (IIFE)
Starnberg, Germany
Email: george@rauscher.xyz
For full legal information, see the Imprint and Privacy Policy pages.
IMPORTANT: If you self-host this application, you MUST:
- Replace all placeholder data in
imprint.phpandprivacy.phpwith your own legal information - Adapt the privacy policy to your jurisdiction (EU GDPR, US CCPA, etc.)
- Add your local data protection authority contact information
- Customize SMTP settings for the contact form
- Review and update all legal sections according to your country's laws
Liability: The original author (George A. Rauscher) is NOT liable for any legal issues arising from:
- Incorrect or incomplete legal information in self-hosted versions
- Non-compliance with local data protection laws
- Misuse of the software
- Failure to customize legal documents
Consultation: We strongly recommend consulting a lawyer familiar with your jurisdiction's data protection and privacy laws before deploying this publicly.
Transparency is essential for security tools. Open source allows:
- Independent security audits
- Community contributions
- Trust through verification
- Educational purposes
Cryptography should never be a black box.
Thank you for your interest! This project is maintained by George A. Rauscher.
Bug Reports: Please open an issue on GitHub with details.
Security Vulnerabilities: Report privately to george@rauscher.xyz
Pull Requests: Currently not accepting external PRs to ensure security and code integrity. See CONTRIBUTING.md for details.
If you find this useful, please star the repository! It helps others discover this tool.
Made by forensic experts who understand security.
No tracking. No data collection. No compromises.