Our Commitment to Security
NovelCrypt is built on the principle that your data should remain yours. We implement military-grade encryption and zero-knowledge architecture to ensure complete privacy.
We use AES-256-GCM (Advanced Encryption Standard with Galois/Counter Mode), the same encryption standard trusted by governments and military organizations worldwide. This provides both confidentiality and authenticity of your data.
All cryptographic operations use the browser's native Web Crypto API, which provides secure, hardware-accelerated encryption primitives. This ensures that encryption happens at the lowest possible level with maximum security.
Every message uses a unique, randomly-generated 256-bit encryption key created using crypto.getRandomValues(). These keys are cryptographically secure and cannot be predicted.
NovelCrypt implements a true zero-knowledge architecture, meaning we never have access to your unencrypted data. All encryption happens in your browser before data ever leaves your device. We never see your plaintext data.
All encryption happens in your browser before data ever leaves your device. We never see your plaintext data.
Encryption keys are stored in the URL fragment (#), which is never sent to our servers. Only recipients with the full URL can decrypt.