MiniLock drag-and-drop encryption app coming to browsers
Free plug-in to be unveiled at the Hope X hacker conference
A free browser plug-in designed to let anyone encrypt and decrypt files using a drag-and-drop interface is set to be unveiled at the Hope X hacker conference beginning on 18 July.
MiniLock is the brainchild of Canadian-based programmer Nadim Kobeissi. It's still in the beta phase, but the plan is for the extension to allow users to encrypt any files they want to confidentially store or transfer.
The plug-in will use "public key" encryption to protect files, according to Wired. Everytime a user enters a passphrase, the program will generate two keys: A public key called MiniLock ID and a private key, kept hidden and erased once the program is closed. This negates the need for the user to manually store the private key securely.
Despite the simple mechanism, Kobeissi acknowledged that users will have to create a passphrase of significant length, possibly up to 40 characters.
"[I] do note that while 39 characters is too much for a password, the number starts to become more reasonable when you consider a passphrase, which can be far more memorable than a password," the programmer explained on Reddit.
"Here's an example of a memorable passphrase that's sufficiently random: i'm looking around the room. there are plants. hi ranok. do you like cryptography?'
"Right now, the planned approach simply refuses to let you use the software if your passphrase isn't strong enough. However, all this does [is] put the brunt of the responsibility on what determines passphrase strength. Hopefully this will be described sufficiently in the presentation [at the Hope X conference]."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Wired tested an early version of the Google Chrome extension and reported that files dropped into the program were encrypted within seconds.
MiniLock will initially be made available on GitHub for review. Once any potential bugs/flaws are identified and fixed, it should make its way into the Chrome web store.
Whilst the plug-in should in theory be able to protect files from being opened by government agencies such as the NSA, there will be a disclaimer warning users that - like any other security program - it cannot provide 100 per cent protection.