Home   About   Contact   Sourcecode  

About EZCrypt

We created EZCrypt because we wanted to give you the power to protect your information from everyone,
including us! In a typical private pastebin, you upload your data and you trust the security of the
server and the integrity of it's operators. With EZCrypt, you get a Javascript file which encrypts your
paste using state of the art AES-128 cipher before it ever leaves your computer!
The link to your paste contains the key to decrypt it which you can share with whomever you want.

The decryption key never touches our server and that means if something bad were to happen,
all of your pastes would still be safe.


How it works:



When you upload a paste, Javascript generates a random key which is used to encrypt your data.
You can see what your paste will look like to our server by holding the mouse over the "Submit" button.

Q: How can the key be in the link and the server still not see it?
A: The key is stored in the Anchor Hash, the part after the "#" which is not uploaded to the server but
is available to Javascript on your computer.

Q: Can this prevent my internet service provider from reading my paste?
A: Yes, the packets which are sent over the wire are in the scrambled form. However, if an attacker
*modified* the Javascript file while it was being sent to you, they could add a security vulnerability.
These so-called "Man in The Middle" attacks are much less frequent than passive listening and unlike
passive listening, they are detectable.