The Crypto Bible

Comprehensive documentation for the Crypto Lab Suite Pro MAX. From Zero to Hero.

1. Symmetric Vault

This is where your security journey begins. The Vault doesn't just "make strings"; it uses Cryptographically Secure Pseudo-Random Number Generators (CSPRNG) to create keys that are mathematically impossible to predict.

Real World Use: You want to store your diary on a USB drive. You go to the Vault, generate a 256-bit key, and use that key in the AES Engine to lock your text. Without this exact key, the data is just digital garbage.

Key Bit-Length (The Strength)

Imagine a door lock. A 128-bit key is like a lock with 10 pins. A 256-bit key is like a lock with 1,000,000 pins.

128-bit: Fast, standard for most consumer apps. "Secure enough" for today.
256-bit: Used by NASA and Military. Even if every person on Earth had 100 supercomputers, they couldn't crack this before the Sun explodes.

Format (Base64 vs Hex)

This is just how the key looks to your eyes. The data is the same.

Format	Example	Use Case
Base64	`uR3+aP...`	Short, compact, easy to copy-paste.
Hex	`a1b2c3...`	Used in professional programming and low-level hardware.

2. AES Engine

AES (Advanced Encryption Standard) is a Block Cipher. It takes your text, chops it into 128-bit blocks, and puts them through a "mathematical blender" several times.

Cipher Modes (How the blender runs)

The "Mode" decides how each block of data affects the next one.

GCM (Galois/Counter Mode): The Best. It encrypts the data AND adds a "seal". If even one letter in the encrypted message is changed by a hacker, the decryption will fail. Use this for 99% of tasks.
CBC (Cipher Block Chaining): The Classic. Every block depends on the previous one. It's safe but doesn't have the "seal" (integrity) of GCM.
CTR (Counter): Turns AES into a stream. Very fast, used for high-speed video or internet traffic.

The Secret Key & IV

CRITICAL: In the AES Engine, you'll see a result like IV_DATA : ENCRYPTED_DATA. The IV (Initialization Vector) is like a "starter" for the math. You need both parts to decrypt later!

3. Asymmetric (Public/Private)

This is the magic of the internet. It solves the problem: "How do I send someone a key without a hacker seeing it?"

The Mailbox Analogy: The Public Key is your address. Anyone can see it and drop a letter in. The Private Key is the physical key in your pocket. Only YOU can open the mailbox to read the letters.

RSA vs ECC (Which to pick?)

RSA (2048/4096): Based on large prime numbers. It's old, slow, but works everywhere.
ECC (P-256/P-521): Based on Elliptic Curves. Much faster and uses tiny keys. A 256-bit ECC key is as strong as a 3072-bit RSA key. Highly recommended for mobile.

4. Digital Signatures

A signature is NOT for hiding secrets. It is for PROVING who sent the message.

You write a message.
You "Sign" it with your Private Key.
You send the message + the signature.
The receiver uses your Public Key to verify. If the math matches, they know YOU sent it and NO ONE touched it.

5. File Suite Pro

Our File Suite works 100% locally. Your files NEVER leave your computer. We use your browser's RAM to process the data.

How to Encrypt a File:

Select "AES Encrypt".
Enter a strong password (or get a key from the Vault).
Select your file (Photo, PDF, Zip).
Click Execute and download the .enc file.

            Pro: Decrypt using Linux/Mac Terminal
            # If you used the site to encrypt with a password
            openssl enc -d -aes-256-cbc -in myfile.enc -out original.jpg
        

6. Integrity & Hashes

A Hash is a "one-way" function. You can turn a cow into a burger, but you can't turn a burger back into a cow. A hash turns any data into a unique "fingerprint".

Why use Hashes?

Verify Downloads: Downloaded a Windows ISO? Check its SHA-256. If it matches the website, the file is perfect.
Store Passwords: Companies don't store your password; they store the Hash. When you log in, they hash your input and compare the burgers.

7. Pass Hardening (PBKDF2)

Hackers use "Rainbow Tables" and "Brute Force" to guess passwords. PBKDF2 makes this nearly impossible.

The Salt

A "Salt" is random data added to your password. Even if two people have the same password "123456", their Salts will be different, making their final keys look completely different.

Iterations (The Speed Bump)

We run the hashing process 100,000 times (default). For you, it takes 0.1 seconds. For a hacker trying millions of passwords, it makes their attack 100,000 times slower and more expensive.