Message Encryption App (non FCC side-project)

Hi everyone,

I’ve spent the last day making a simple message encryption app, https://simplemessageencryption.000webhostapp.com/

I decided to use a custom encryption algorithm to practice a lot more JS instead of just bypassing practice and importing a library like JSAES that does it all with a couple of abstracted functions.

It randomly generates an encryption key which is then broken down in 256 character parts and assigned to an object which contains all the keys on a keyboard and these key value pairs are used to scramble a message input. It’s not AES secure but it still ‘should’(hopefully) be impossible to crack without the encryption/decryption key.

Any advice or opinions would be greatly appreciated.

Thanks

1 Like

Cool project, so basically you have created a ceasar’s chiper (a little more random). However, if you got a longer encrypted text, this one can still be relatively easily cracked based on the frequency of the letters (and a little trial and error:).

2 Likes

I know it was never going to win the AES competition lol. So re deciphering it, if you just had the encryption key of a longer message would someone just need to check for repeating patterns then make a guesses by substituting in the same letters each time the same ‘encrypted section’ appears? then just check (either by eye or automated someone) if its a real english sentence?

I think I see what you’re saying, i’m gonna try make it better now anyway. Thanks for you input, really appreciate it.

For perfect secrecy, you could use the one time pad (if you would like to search it up on google). You have to generate a random key for every bit (you can cheat and use every character instead :wink: ) of the message and then XOR the message with the generated keystream. The encrypted message can be XOR’d again with the keystream to got the original message. It is called “one time” pad, because you have to throw the key out after using it… each new message means new key (and it should be truly random, Math.random() is not good enough as it is not cryptically strong, but for the sake of the project, you can cheat here as well). The practical problem with this approach is you have to transfer the key proportional sized to the message (exactly as long as) preferably in an out of band, “safe” channel. This is the reason it is not really used.

1 Like