Legacy Encryption

Protocol Summary

A random salt (16 bytes) is generated using window.crypto.getRandomValues().
The combined key and salt are used in the deriveKey() function, which employs PBKDF2 (Password-Based Key Derivation Function 2) to derive a 256-bit AES key.
PBKDF2 is configured with:

The resulting AES key is suitable for AES-GCM encryption (Advanced Encryption Standard - Galois/Counter Mode)

A random Initialization Vector (IV) of 12 bytes is generated using window.crypto.getRandomValues().
The seed phrase is encoded into a Uint8Array using a TextEncoder.
AES-GCM encryption is performed using window.crypto.subtle.encrypt():


                        json { "salt": saltBase64, "iv": ivBase64, "ciphertext":
                        ciphertextBase64 }

strToArrayBuffer(str): Converts a string to an ArrayBuffer.
arrayBufferToStr(buf): Converts an ArrayBuffer to a string.
generateSalt(): Generates a 16-byte random salt.
deriveKey(password, salt): Derives a 256-bit AES key from a password (combined key) and salt using PBKDF2.
encryptData(plaintext, password): Encrypts the plaintext (seed phrase) using AES-GCM with a derived key, salt, and IV. Returns the encrypted data components.
encryptSeedPhrase(): Orchestrates the encryption process: retrieves user inputs, validates seed phrase, derives the key, encrypts the seed phrase, and displays the encrypted output.

AES-GCM: This is a modern, authenticated encryption mode, providing both confidentiality and integrity.
PBKDF2: Using PBKDF2 with a high iteration count (10,000) strengthens the key derivation process against brute-force attacks.
Random Salt and IV: Using random salts and IVs is crucial for the security of the encryption scheme.
Base64 Encoding: Base64 encoding is used for representing binary data as strings but does not provide any encryption.
Key Management: The security of this system relies heavily on the secrecy and strength of the benefactor and beneficiary keys.