Paste.me

Screenshot of paste.me

This site provides an encrypted pastebin alternative. (One of many)

Every submitted paste is sent to the server in an encrypted form. All data sent to the server (paste, name of the paste) is encrypted with AES-GCM, the key which is used for encryption/decryption is newer sent to the server.

The key and all data is generated client side, submitted in encrypted form, and then if retrieved, decrypted client side with the key provided after the hash-tag in the url. This key is only known to the client which submitted the paste and thus, generated the encryption/decryption key.

The key (since it is only present prefixed with a hash-tag and generated client side) does not pop up in the access logs and this way the hosting provider does not know the encryption/decryption key.

The server and associated database does not know what it is storing and this way it serves only as a data storage to our encrypted data.

For previous references, see my previous posts:

Pastedb is now Paste.me

Project: PasteDB

Richard Szolár
Richard Szolár
Software Developer

Software developer with many years of experience. Tech enthusiasts, recently working with Go and React. Also reading a lot of 📚 and I ❤️ art 🍿🎬