Store encrypted data

[sunny]

The idea would be to encrypt data in the browser, so that Edith never sees the passphrase, nor the secret that was typed.

If you don’t know the secret you can still clear the page so that nobody can “own” a page.

Usage

To encrypt: go to /foo.crypt (A) and type a secret in a password input at the top of the page. In the bottom textarea you can type a message, with the usual autosave on every keystroke (B). Instead of sending the typed text, the JavaScript will use the password to encrypt the data on the client-side and then send the encrypted blob of data to the server.

To decrypt: go to /foo.crypt again and you will see an empty passphrase input and encrypted text (C). On every keystroke in the password field, the data will be decrypted using that key (D). If you type the correct password that only you know (not even edith does), the data will be correctly decrypted (E). You can now read the text, or modify it and have it save on every keystroke.

If you visit the page (/foo) you would only see the encrypted text (F).

Behavior that has yet to be defined:

• What happens if you type text before typing a password?
• What happens when you change the key while you are editing the page?

Mockups

A (going to /foo.crypt):

🔑 [              ]

B (same page after filling both the page):

🔑 [•••••••       ]

This is the top secret message!

C (same page but with no key):

🔑 [              ]

���&�?=�;�⏾E��~�;�#�����-XdMe�e��X ���8[ДJME�����R��HvYO}�zJfs�+ئ�Q���T{���=�B�yu

D (same page but with wrong key):

🔑 [•             ]

M9�b�)����80��M-�\����a!~�"�ԶfE����:b\�Ô#�O�?I?�!#ƺ7c�qX�XHj���f�}pC��B���BΜR~3

E (same page but with wrong key):

🔑 [•••••••       ]

This is the top secret message!

F (going to /foo):

���&�?=�;�⏾E��~�;�#�����-XdMe�e��X ���8[ДJME�����R��HvYO}�zJfs�+ئ�Q���T{���=�B�yu