No robot: Encrypt text on a webpage.
The original Norbt (No robot) service appeared on the Web, which allows anyone who wants to create their own page with encrypted text in a couple of seconds. You can see the contents of the page only if you know the password.
The creators of the web application claim that it uses strong cryptography, so that even if the server is hacked, the hacker cannot decipher the text. Data on the server is stored in this form:
Answer: SHA1 (answer + salt1), salt1
Text: AES128 (SHA1 (answer + salt2), IV, Mode.CFB, text), salt2, IV
')
That is, to decrypt the text, the hacker will have to crack or SHA1 (answer + salt1), or AES128.
Listening to the traffic by cracking SSL also does not help the hacker, because all encryption operations are performed in the browser.
The creators of the web application claim that it uses strong cryptography, so that even if the server is hacked, the hacker cannot decipher the text. Data on the server is stored in this form:
Answer: SHA1 (answer + salt1), salt1
Text: AES128 (SHA1 (answer + salt2), IV, Mode.CFB, text), salt2, IV
')
That is, to decrypt the text, the hacker will have to crack or SHA1 (answer + salt1), or AES128.
Listening to the traffic by cracking SSL also does not help the hacker, because all encryption operations are performed in the browser.
Source: https://habr.com/ru/post/76351/
All Articles