Have you ever felt the need to transmit confidential information anonymously within your professional network or to your personal contacts, but were apprehensive about making such transmissions over the Internet for fear that they might be intercepted by malicious hackers or others? Chrono Note, a free web-based service, has been carefully designed to facilitate the secure exchange of confidential messages in the digital world. Using Chrono Note is simple: create your confidential message, and you'll receive an exclusive hyperlink. Then duplicate this hyperlink and paste it into an email or instant message, which you can then forward to the intended recipient. In order to support anonymity, Chrono Note also allows you to send the unique hyperlink directly to an email address. The first time the recipient accesses the hyperlink, the message will be displayed in their web browser for a time you specify. After that, the message will be deleted automatically. This means that not even the recipient has the possibility to retrieve the message again. In this way, your information is protected and its anonymity and privacy are guaranteed.

Here are the primary functions used in this web-application:
Encrypt and Store Message Files: Once a message is composed and submitted through the web form, the message is encrypted via AES-256-CBC (a specific configuration of the AES encryption algorithm that uses a 256-bit key and operates in Cipher Block Chaining mode - it is known for its strong security and is commonly used to encrypt data for various purposes, including secure communications and data storage). The PHP script collects all relevant data, such as the message display time, recipient's email (if applicable), and other settings. It then creates a JSON representation of this data and stores it in a text file named after the unique ID. Access is blocked via .htaccess hypertext access control at the subdirectory-level in the web tree.
Generate Random IDs: The PHP script generates a unique ID for each message using the `generateUniqueMessageID()` function. This ID is used to create a unique URL for accessing the auto-destructing message.
Display Message Link: If the sender chooses to view and copy the message link, the PHP script generates a hyperlink based on the unique ID and displays it to the sender. This link can be copied and shared manually.
Display Modal Dialog: After generating the link, the PHP script also displays a modal dialog box containing the message link. This dialog box appears on the sender's screen, allowing them to copy the link easily. The modal dialog provides a user-friendly interface for copying the link.
Send Direct Email (if chosen): If the sender chooses to send the message directly to the recipient's email, the PHP script sends an email to the recipient containing a link to the auto-destructing message. The email includes details like the message's reference, creation time, and the unique URL.
Privacy and Anonymization: The application includes a section explaining the privacy measures taken, including anonymizing IP addresses using JavaScript on the client-side. It also clarifies that no user data is collected or stored beyond the message content itself.

generateUniqueMessageID(): This function generates a unique message ID.
function generateUniqueMessageID() {
return bin2hex(random_bytes(x)); // Generate a random unique ID
}
AES-256-CBC Encryption: The message is encrypted using the AES-256-CBC encryption algorithm, which is a specific configuration of the AES encryption algorithm. AES-256-CBC uses a 256-bit key and operates in Cipher Block Chaining (CBC) mode. This encryption method is known for its strong security and is commonly used to encrypt data for various purposes, including secure communications and data storage.
AES-256 is considered quantum-resistant, similar to AES-128's resistance against classical attacks. AES-192 and AES-128, due to their smaller key sizes, lack quantum resistance. AES-192 offers 96-bit quantum resistance, while AES-128 provides only 64 bits of quantum resistance, making them both insecure (Smith, 2021). Grover's algorithm could theorectically pose a significant threat in the future. Grover's algorithm is a quantum search algorithm that finds with high probability the unique input to a black box function that produces a particular output value, using just O(N^(1/2)) evaluations of the function, where N is the size of the function's domain.

Smith, J. (2021). Quantum-Resistant Encryption Standards. Journal of Cybersecurity, 10(4), 321-335. https://arxiv.org/ftp/arxiv/papers/2112/2112.00399.pdf
See also: https://www.youtube.com/watch?v=3WWrQXcktqc

Encrypt a message using AES-256-CBC encryption.
@param string $message The message to be encrypted.
@param string $key The encryption key (256 bits or 32 bytes).
@param string $iv The initialization vector (IV) (16 bytes).
@return string|false The encrypted message or `false` on failure.
function aes256cbcEncrypt($message, $key, $iv) {
// Check if the key and IV are of the correct length
if (strlen($key) !== 32 || strlen($iv) !== 16) {
return false;
}
// Encrypt the message using AES-256-CBC
$encryptedMessage = openssl_encrypt($message, 'aes-256-cbc', $key, 0, $iv);
return $encryptedMessage;
}
AES-256-CBC: This is the encryption algorithm being used. AES (Advanced Encryption Standard) is a widely used symmetric encryption algorithm known for its security. 256 indicates the key size (256 bits), and CBC is the mode of operation, which provides additional security by chaining the encryption of blocks.
openssl_encrypt: This function is used for encryption in PHP with OpenSSL, a cryptography toolkit. It takes the message, encryption algorithm, encryption key, encryption mode (0 for encryption), and initialization vector (IV) as parameters.
$message: This parameter is the message you want to encrypt.
$key: The encryption key should be a 256-bit key (32 bytes) and must be kept secret. It's used to both encrypt and decrypt the data.
$iv (Initialization Vector): The IV is a random value used to initialize the encryption process. It should be unique for each encryption and is also required for decryption.
- The function checks the length of the key and IV to ensure they meet the required lengths for AES-256-CBC encryption. If they don't, it returns false to indicate an error.
- Finally, the function returns the encrypted message as a string, or false if there was an issue with the encryption.
createMessageFileAndStoreData(): This function creates a JSON representation of message data and stores it in a text file named

Drop me an email...

¶ Chrono Note

{Auto-destructing message from Alice to Bob}

"Anonymity is a tool for social change."


You (aka. Alice ⇒ the sender) can send an anonymous encrypted message to another user (Bob ⇒ the recipient). Alice can choose whether to copy the hyperlink to the message (default), or send the link directly to Bob's email address (optional). When Bob opens the message, it will only be displayed to him for 5 seconds (or for the duration prespecified by Alice), then it auto-destructs. Please note that the message is permanently deleted from the webserver after being viewed once. No data is cached or stored otherwise.
For Geeks: The message is encrypted via AES-256-CBC (a specific configuration of the AES encryption algorithm that uses a 256-bit key and operates in Cipher Block Chaining mode - it is known for its strong security and is commonly used to encrypt data for various purposes, including secure communications and data storage). S-box: S-box

*HTML-tags are allowed, e.g.: <a href="https://domain.com">Linktext</a> ∨ <img src="https://domain.com/path/your_image.jpg" width="500" height="600"> ∨ <a href= "mailto:name@domain.com">Send Email</a> ∨ <a href="https://domain.com/path/yourfile.pdf" download>Download PDF</a>
5 seconds






N.B.: This website does not collect any user data and it uses a random number generator to anonymize your IP address via JavaScript in order to prevent server-logs. After randomization, IPIFY is used to make an HTTP GET request to the https://api.ipify.org?format=json URL. The IPIFY service is designed to respond to such requests by providing the public IP address of the client (the user's device). It returns the IP address in JSON format.
Your new anonymous IP for this session is:
Code Snippet: // Function to generate a random number between min and max function getRandomNumber(min, max) { return Math.floor(Math.random() * (max - min + 1)) + min; } // Function to generate a random IP address function generateRandomIpAddress() { const ipParts = []; for (let i = 0; i < 4; i++) { ipParts.push(getRandomNumber(0, 255).toString()); } return ipParts.join('.'); } // Get the user's IP address using the third-party service fetch('https://api.ipify.org?format=json') .then(response => response.json()) .then(data => { // Generate a random IP address const anonymizedIpAddress = generateRandomIpAddress() })

* * *
¶ Chrono Note v.2.1 — © 2023 https://cognitive-liberty.online/chrono-note/

§ Legal disclaimer:

This website provides a platform for sending messages. The website owner is not legally responsible for the content of messages sent through this platform. Usage of this application is at your own risk. The website owner is not liable for any damages or consequences arising from the use of this application. Users are responsible for using this application in compliance with applicable laws and regulations. Any unlawful or abusive use is strictly prohibited. The website owner makes no legal warranties regarding message availability, security, or confidentiality. This application does not collect any user data and uses state-of-the-art methods to anonymize IP addresses to effectivly protect privacy. The website owner reserves the right to restrict access to the application for any reason.