Garbage in plain sight

Passphrase-protected static-site content

I just added a book highlights section and plan to slowly make available highlights from books I read. Many of these books are in the public domain, but some aren’t. I don’t want to be deprived of highlights from books I have deeply enjoyed, but I also don’t want to be on the receiving end of a copyright infringement claim. (NB: This site is mostly meant for my personal consumption).

There are circumstances where limited use of copyrighted material is allowed without having to first acquire permission from the copyright holder. It is called Fair Use, and it’s a limitation to copyright intended to balance the interests of copyright holders with the public interest in the wider distribution and use of creative works (source: Wikipedia [1]).

However, I do not know if this particular case of book highlights falls under Fair Use. Frankly, I don’t want to find out.

Static sites

This is a static site, which means its content is generated once, as HTML files, and served from a Content Delivery Network (CDN)[2]. I like static sites. I talk about it here. However, static sites must ship all the content to all visitors. In this particular case that means making the book highlights public. The problem I am trying to solve is simple: make the publicly served book highlights accessible to me, but not to others.

Figure 1: Passphrase to access some content

The content we want to hide is public; however, public does not mean understandable.

Encrypted content

In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext (source: Wikipedia [3]).

More precisely, we want to encrypt some plaintext into ciphertext using a secret passphrase.

plaintext -> encrypt with passphrase -> ciphertext

This way visitors to the site see the ciphertext of certain book highlights, but only someone who knows the passphrase is able to read the original content:

Publicly accessible ciphertext

61m8X+mxQsd6MGxAdaJ4a3DQogQvtSFeqqRo60UCwfn0t8s6HX2trzYLtlt4/aCUiczi2uW/YsTMmCZLKscEN2MTpnUy+b8wi1gJWc/RTos=

And here is the plaintext, which we encrypted with the passphrase “password”.

The happiness of your life depends upon the quality of your thoughts. Marcus Aurelius – Meditations [4]

This example uses the Advanced Encryption Standard (AES)[5]. Also, please do not, ever, use “password” as a key for anything.

What next

“Next” depends on your setup. You need enough control over your static site generator to tweak its behaviour. If that’s the case, pick a popular cryptography package or library for the programming language you are using (ideally part of the language’s standard library) and a good encryption algorithm (like AES), and encrypt the content you are interested in. Next, implement a way for the page to ask for a passphrase; upon receiving it, the page tries to decrypt the ciphertext that was shipped with the static site and renders the original content.
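The build-time encryption and in-page decryption described above, as an added example (not this site's code): it assumes WebCrypto with PBKDF2-SHA-256 and AES-GCM, and the function names, blob layout and iteration count are hypothetical choices.

```javascript
// Added example, not the site's implementation. Names, blob layout and KDF parameters are assumptions.
// WebCrypto is global in browsers and recent Node; older Node exposes it via node:crypto.
const webcrypto = globalThis.crypto ?? require("node:crypto").webcrypto;
// Assumed work factor. The blob is served to everyone, so guessing happens offline:
// the passphrase strength and this cost are the only barriers.
const ITERATIONS = 600000;

const toB64 = (bytes) => btoa(Array.from(bytes, (b) => String.fromCharCode(b)).join(""));
const fromB64 = (s) => Uint8Array.from(atob(s), (c) => c.charCodeAt(0));

// Stretch the passphrase into a 256-bit AES-GCM key bound to a per-page random salt.
async function deriveKey(passphrase, salt) {
  const material = await webcrypto.subtle.importKey(
    "raw", new TextEncoder().encode(passphrase), "PBKDF2", false, ["deriveKey"]);
  return webcrypto.subtle.deriveKey(
    { name: "PBKDF2", hash: "SHA-256", salt, iterations: ITERATIONS },
    material, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

// Build step: returns base64(salt[16] || iv[12] || ciphertext+tag) to embed in the generated HTML.
async function encryptHighlight(plaintext, passphrase) {
  const salt = webcrypto.getRandomValues(new Uint8Array(16));
  const iv = webcrypto.getRandomValues(new Uint8Array(12)); // fresh IV per encryption
  const key = await deriveKey(passphrase, salt);
  const ct = new Uint8Array(await webcrypto.subtle.encrypt(
    { name: "AES-GCM", iv }, key, new TextEncoder().encode(plaintext)));
  return toB64(new Uint8Array([...salt, ...iv, ...ct]));
}

// Page step: returns the plaintext, or null when the passphrase is wrong or the blob was altered.
async function decryptHighlight(blob, passphrase) {
  try {
    const bytes = fromB64(blob);
    if (bytes.length < 16 + 12 + 16) return null; // too short for salt, IV and GCM tag
    const key = await deriveKey(passphrase, bytes.slice(0, 16));
    const pt = await webcrypto.subtle.decrypt(
      { name: "AES-GCM", iv: bytes.slice(16, 28) }, key, bytes.slice(28));
    return new TextDecoder().decode(pt);
  } catch {
    return null; // malformed base64 or failed GCM tag check
  }
}
```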

Here is a live example of passphrase-protected content in this site: Letters to a young contrarian.




  1. Fair Use - Wikipedia.

  2. Content Delivery Network - Wikipedia.

  3. Encryption - Wikipedia.

  4. Marcus Aurelius - Meditations - Standard Ebooks

  5. Advanced Encryption Standard (AES) - Wikipedia