Sunny Saini
www.SunnySaini.com
myCTR by Sunny Saini

myCTR
Sunny Saini



Password Box:                     


Play Box:                             

         

Neither password nor text is sent to the server. To test this, switch off the internet and encryption/decryption will still work in the browser. The standalone working html file can also be downloaded and can be used offline in a good web browser. Please check the hash sum before using the offline copy.

FAQ


Q1. How to use the program?

The usage is very simple

To Encrypt: Input your password in Password box. The password's correctness can be verified with the associated (small) Check-Box. Now press the clear button to Clear the Play Box text and paste (Ctrl+V) or type the text to encrypt. Press the Encrypt button. Select and copy (Ctrl+C), the encrypted text. Now you can paste it anywhere, like to SMS to a friend, email etc.

To Decrypt: Input your password in the Password box, paste (Ctrl+V) or type the encrypted text in the Play Box and press the Decrypt button.
     To test the displayed sample encrypted message, just type "a" (without quotes) in the Password box and press the Decrypt button to get "ॐ".

TIP!: You may save or send or write in your diary, the encrypted message in the sample format like:

     "I have told my secret mantra myCTR(Home)DIY/IN7xYqA/Ttc= to my beloved ones. Now they are happy too. I shall tell this secret mantra to others in need, as well."

     Here "Home" is the password type (password hint) which you generally use for Home diary or something. It is only the mnemonic for your password and not the real password. "myCTR" reminds you that the message was encrypted using "myCTR" program.


Q2. Is the cipher safe?

Yes. The cipher used is AES-256, which is the same technology used by banks to protect millions of customers and billions of dollars. The AES-256 cipher is used in Counter block mode here, which enhances the security with simplicity and minimal output length. Moreover, the cipher is fully compatible with OpenSSL which in turn is internally used world-wide by many Operating systems like Android. However, I have removed the useless initial text "Salted__" which has nothing to do with security, instead it unnecessarily increases the encrypted text size.

Q3. How can I decrypt an "OpenSSL -a -aes-256-ctr" encrypted message with myCTR App?

Although this is not at all required and myCTR is sufficient for all purpose use, still to test OpenSSL compatibility, you may use this technique.
  • Write the base64 message to a file and decode the file using a good base64 encoder/ decoder program.
  • Open the file in a good Hex Editor program (NOT notepad etc) and delete the initial text "Salted__".
  • Again encode the file to base64 format.
  • Now the message can be decrypted with "myCTR" App using correct password.
For text data with special characters:
  • For special characters, the successful decryption can be done only if the file was converted to utf-8 without BOM, before encryption. This is because, some characters like: 0x92(special single quote), 0x96(special hyphen), etc. are parsed differently by OpenSSL for windows. For this, before encryption with OpenSSL, save the text file in Windows Notepad as utf-8 file. Open it in hex editor and remove the BOM (Byte order mark), the first 3 hex characters EF BB BF. Now encrypt using OpenSSL.

Q4. How can I decrypt a "myCTR" encrypted message with OpenSSL program?

Although this again, is not at all required and myCTR is sufficient for all purpose use, still to test OpenSSL compatibility, you may use this technique.
  • "myCTR" output message is always in base64. Write the base64 message to a file and decode the file using a good base64 encoder/ decoder program.
  • Open the file in a good Hex Editor program (NOT notepad etc) and insert the text "Salted__" (without quotes)(double underscore) at the beginning of the file.
  • Again encode the file to base64 format.
  • Now the message can be decrypted with OpenSSL's command "enc -d -a -aes-256-ctr -in infile_name -out outfile_name" in Windows OS, using correct password.
  • Open in Windows Notepad and save as Utf-8 file. This shall correct the UTF-8 characters.
  • Open in another good notepad (like Ted Notepad) and change UTF-8 mode to ANSI mode and change UNIX mode to Win mode. This shall convert Unix line ending 0x0A to Windows line ending 0x0D0A. The resulting file shall have same md5 as original.

Q5. I forgot the password, how can I decrypt the message? The message is important for me.

You may decrypt the message by starting a brute-force attack today, but the message would be decrypted successfully only after about 400 years of continuous attack on a good Super Computer. To avoid forgetting the password, use the tip I gave in Question 1 and use secure big passwords with mixed characters, numerals and special characters, that are easy to remember but difficult to guess.


Disclaimer



    I, Sunny Saini, am not responsible for any damage/ data loss arising from using this program or arising out of use of this program by any body else. Users must refer to the laws of their country before using any encryption program.
    This program also contains sub-codes that belong to the following third parties:

     Jeff Mott: Main Encryption Engine.

     Todd Motto: The show-password check box.