back




Joan is a Chrome extension for safely encrypting web form data.

Say you're submitting a web form; when you press submit, the data in the textboxes in the form are automatically encrypted. You don't have to do anything manually to encrypt the data.

Joan is the first system that makes it possible to write web apps that do all three of the following:
  1. encrypt data safely in the browser, inside a browser extension without trusting the server or tricking the user, and

  2. update what to encrypt easily: the choice of data fields to encrypt is controlled by the web server, and if one day different data fields should be encrypted the user doesn't need to update the browser extension, and

  3. require no manual effort from the user: data are automatically encrypted and automatically decrypted, without the user needing to click some button that encrypts or to continually enter a decrypt password.
A server attacker can't access decrypted data protected like this.

Although Joan today is closer to a framework for writing web apps, that's far from what I'd like (web) programming to evolve to. It's more accurate to say Joan is an exercise in writing web apps for some future version of the web, with an informal version 1 written for today's browser.

The live demo has been disabled.

Download or see Joan's safety and features.