The first uploaded encrypted file, for which you must provide the correct 1024-bit ML-KEM private key to decrypt, contains a dangerous secret that the world should never know (haha).
https://www.axew3.com/w3/w3mypq/?w3down ... 5dd7889d0f
Code: Select all
=== w3mypq ===
Contributors: axewww
Tags: Encryption, privacy, post-quantum, ml-kem, secure-file-sharing
Requires at least: 6.2
Tested up to: 7.0
Stable tag: 1.0.0
License: GPLv2 or later
Requires PHP: 7.4
Text Domain: w3mypq
Quantum-Ready Privacy: Your Data, Your Keys, Always. Encrypt and share files using cutting-edge Post-Quantum Cryptography.
== Description ==
**Next-Generation Security for a Zero-Trust World.**
This plugin provides a state-of-the-art cryptographic vault for your WordPress site, ensuring your privacy. We protect your data against both today's threats and the quantum computers of tomorrow.
### Key Security Features:
* **Post-Quantum Ready:** Uses **ML-KEM** 1024 for secure key exchange and **ML-DSA** (FIPS 204) for sender identity verification.
* **Engine:** Files are encrypted locally in the user's browser using **AES-GCM-256** and SHA-512 (for Hashing/Integrity) before they ever touch the server.
* **Zero-Knowledge Architecture:** the server never sees real data. It only stores encrypted data that nobody can read.
* **Secure Multi-Recipient Sharing:** Encrypt one or multiple file for multiple users. Each recipient uses their unique **private key** to decrypt the content locally.
* **Sender Verification:** Use ML-DSA signatures to check the sender's identity, ensuring the file hasn't been tampered with.
* **Guest Mode:** Offers a "no-trace" mode for fast local encryption and decryption without storing any files on the server.
* **Strength:** Encryption Level 5 NIST-compliant
== Installation ==
1. Upload the plugin folder to the `/wp-content/plugins/` directory, or install directly through the WordPress plugins screen.
2. Activate the plugin through the 'Plugins' screen in WordPress.
3. Add the shortcode [w3mypq_short] to any page or post where you want the vault tool to appear.
4. Use this tool to generate keys, encrypt files, and share them securely with others. You can also use it for personal storage by encrypting files on your local drive.
5. Customize the design: For safe customization, copy the folder w3mypq-custom (found inside the plugin) into your main /wp-content/plugins/ directory. Edit the files (w3mypq.css and w3mypq_body.html) within /wp-content/plugins/w3mypq-custom/ to use your own CSS and HTML.
6. Note to customize: The plugin automatically checks for these 2 custom files; if they are found (w3mypq.css and w3mypq_body.html) within /wp-content/plugins/w3mypq-custom/, they will be served; otherwise, the defaults will be used. This ensures your changes are not overwritten during plugin updates.
== How to use for users ==
1. Guests users
Guests can encrypt files directly in their browser. The server has zero knowledge of their data. No recipients can be added, and the encrypted files are not stored on the server. Guests must save their keys along with the encrypted files to be able to decrypt them later for their own personal use.
Alternatively, guests can encrypt files using a recipient’s public key without saving that key to a profile. To do this, simply load the public key directly into the application before encrypting. The server will not store this key, ensuring the entire process remains private and secure.
Click into Get keys
Save ML-KEM – Private to decrypt and Public key to encrypt (and all other formats for convenience).
2. Registered users
Unlike guests, registered users can add multiple recipients to encrypted files and save Public keys directly to their user profiles.
Recipient Access: When a registered user adds recipients, those recipients will automatically receive an email notification containing a secure link to the encrypted files. To access and read the data, recipients must provide their corresponding private key to decrypt the files locally right in their browser.
Profiles support: both ML-KEM public keys for secure data encryption and ML-DSA public keys for verifying digital signatures. This allows registered users to seamlessly manage secure, authenticated, and quantum-resistant communications.
Click into Get keys
Save ML-DSA private to sign and ML-KEM Private key to decrypt (and all other formats for convenience).
= Help pages =
w3mypq help page with common questions, setup, usage guides, and answers to frequently asked questions:
[w3mypq online working example](https://www.axew3.com/w3/w3mypq/)
[How to use](https://www.w3it.org/mypgp/how-to-use-w3mypq/)
[How to use for users](https://www.w3it.org/mypgp/how-to-use-w3mypq-for-users/)
== Frequently Asked Questions ==
= What it do? =
The plugin uses a state-of-the-art cryptographic stack to ensure your privacy. Using ML-KEM for secure key exchange and ML-DSA for sender verification, it protect your data against both today's threats and the quantum computers of tomorrow.
Your files are encrypted right in your browser using AES-GCM-256 before they ever leave your device. The server has zero knowledge of your data—it only stores ciphered files that nobody can read.
Recipients receive an email link and use their own private keys to verify the sender and decrypt the downloaded content locally. For guests, it offer a "no-trace" mode: fast encryption and decryption without any files ever touching the server.
Share Securely. Decrypt Locally. Trust Nothing Else.
Next-Generation PQ Security for a Zero-Trust World.
= Does the server store/see my private key? =
No. Both encrypt/sign (ML-KEM and ML-DSA) Private keys are generated locally and should be stored securely by you. The server only knows your public key to allow others to encrypt files for you (using your Public ML-KEM key) or to check the file signature (using your Public ML-DSA key).
== Frequently Asked Questions ==
== PQ Noble library ==
The Noble library can be easily compiled like this one used on w3mypg (ML-KEM + ML-DSA) or by using any of the other available libraries found [here](https://github.com/paulmillr/noble-post-quantum#usage).
= What are ML-KEM, ML-DSA =
These are the new National Institute of Standards and Technology (NIST) standards for Post-Quantum Cryptography (PQC), designed to be secure even against future quantum computer attacks. This plugin uses the [Noble PQ](https://github.com/paulmillr/noble-post-quantum) library, providing Level 5 NIST-compliant security. It includes ciphers, curves, hashes, post-quantum modules, and 5kb secp256k1 / ed25519 primitives, alongside a WASM version via awasm-noble.
== Changelog ==
= 1.0.0 =
* Initial release with ML-KEM, ML-DSA, and AES-GCM support.
* Support for local browser-based encryption.
* Version 1.0 only support Php server limit. Do not offer actually upload of big files. Support for very large file uploads is not yet available.
* Version 1.0 is available for all registered users and guests. It does not currently distinguish between user groups for encryption permissions (however, you could restrict access by placing the shortcode on a protected page).
https://www.axew3.com/w3/w3mypq/