AES-256-GCM · Fully Offline · Open Source

Your Message.
Your Lock.

Encrypt your content before it leaves your device. Send it anywhere. It stays locked - no matter where it lands.

Get CipherBrick Free See How It's Different →
256
Bit Encryption
0
Data Stored or Sent
9
Languages
Channels It Works On
// What Makes It Different

Most encryption protects the journey.
We protect the destination.

📱
SENDER
🔒 ENCRYPTED IN TRANSIT
👁️
ARRIVES AS
PLAINTEXT

Encrypted in Transit.
Exposed on Arrival.

The channel is locked. But the moment your message lands - it's readable. One wrong contact. One unlocked phone. Everything exposed.

⚠ Encryption ends on arrival
🔒
ENCRYPTED
CONTENT
ANY CHANNEL
🔒
STILL
LOCKED

Locked Before It Leaves.
Locked When It Arrives.

CipherBrick encrypts the content itself. The channel doesn't matter. The destination doesn't matter. Only the right key opens it.

✓ Encryption never expires
// How It Works

Four Steps. That's It.

01
✍️

Write your message

Type anything - a password, a document, sensitive details.

02
🗝️

Set your key

A secret known only to you and your recipient. Optionally add a physical hardware key.

03
🔒

Encrypt

One tap. AES-256 runs locally on your device. Nothing leaves.

04
📤

Send anywhere

Text, email, QR code, audio tone. Your choice. The lock stays on.

// Features

Everything You Need. Nothing You Don't.

🔐

AES-256-GCM Encryption

Military-grade with built-in tamper detection. Used by governments and financial institutions worldwide.

🔑

Hardware Key Support

Use a FIDO2 security key as your identity. Only your key can decrypt - no password required.

🔄

Secure Key Exchange

Built-in ECDH wizard lets two parties agree on a shared key without ever transmitting it. No pre-shared secret required.

🔊

Audio Transmission

Transmit encrypted payloads as audio tones between devices. No internet. No Bluetooth. No trace.

📷

QR Code Payloads

Generate and scan encrypted QR codes. Share visually, air-gap friendly.

Fully Offline

All encryption happens locally. Nothing is stored, logged, or transmitted by the app. Ever.

// Who It's For

Built for Real Scenarios

👤

Personal Privacy

Share account details or sensitive documents without worrying about who else might see them.

🏢

Teams & Businesses

Send credentials and confidential data over the tools you already use - safely.

⚕️

Healthcare & Legal

A strong second layer of protection when sharing sensitive client or patient information.

📡

Off-Grid & Field Use

When you can't control the channel, encrypt the content before it enters it.

🔑

Advanced Security

Add a physical hardware key for two-factor protection at the content level.

💻

Developers

Open source, MIT licensed. Audit it, fork it, self-host it.

// Common Questions

Straight Answers

All encryption and decryption runs locally using the Web Crypto API built into your browser. CipherBrick has no backend, no server, and no telemetry. The source is MIT licensed and fully auditable on GitHub - you can verify there are no outbound requests yourself.
Yes. The encrypted payload is a self-contained string. Anyone running CipherBrick - on any device, any supported browser - can decrypt it with the correct key and salt. No accounts, no sync, no server handshake.
No. The default mode works like any encryption tool: set a key, encrypt, share. There's also a simplified mode that handles the technical details automatically, so you only need to share a single password. Advanced options like hardware key support are there if you need them, but never required.
Any method you're comfortable with works. The simplest option for most people is verbally - a phone call or in person. Nothing written, nothing transmitted. You can also send the key through a separate channel from the encrypted message - even if someone sees the message, it's useless without the key.

If you want a more formal approach, CipherBrick includes a built-in Key Exchange Wizard. It lets both parties arrive at a shared key without ever transmitting it - each person shares only a public key, which is safe to send openly.
There is no recovery. CipherBrick has no servers, no accounts, and no recovery option - your data stays entirely in your control.

Think of it like a combination you set on a safe yourself. Nobody else ever knew it, so nobody can give it back. Whatever you used to encrypt - a password, a password pair, or a physical security key - keep it somewhere safe. If it's gone, the encrypted content is gone with it.
CipherBrick provides strong AES-256-GCM encryption as an additional layer on top of whatever channel you use. It does not replace a comprehensive compliance program, and we make no specific HIPAA/GDPR compliance claims. Consult your legal and compliance team for your specific regulatory requirements.
🚫
No Account Required

Open the app and start encrypting. Nothing to sign up for.

📡
No Data Leaves Your Device

No analytics, no crash reporting, no telemetry of any kind.

🔍
Fully Auditable

MIT licensed. Every line of code is public. Read it, fork it, verify it.

📴
Works Without Internet

Installs as a PWA. Runs completely offline after the first load.

📄 Read the White Paper

A Technical White Paper on Browser-Native, Zero-Trust Encrypted Messaging - the full philosophy and technical approach behind CipherBrick.

Download PDF →
// Get CipherBrick

Free on Every Platform

🌐

Web App (PWA)

Install from your browser. Works fully offline after install.

Coming Soon
📱

Mobile

Native apps for iOS and Android.

App Store — Coming Soon Google Play — Coming Soon
🐙

Open Source

Full source on GitHub. MIT licensed. Self-host on any static server.

Open Source — Coming Soon