draft-ietf-jose-hpke-encrypt-22

Encrypt a message to a public key, share it as a link.

HPKE.dev is an interactive playground for Hybrid Public Key Encryption with JOSE and COSE. Everything runs in your browser — the ciphertext travels in the URL fragment.

https://hpke.dev/decrypt#gzip:base64url:hpke:jwe:eNqNk1tv…

What it does

Two draft-22 formats

Integrated Encryption and Key Encryption (the -KE algorithms), auto-detected on decrypt.

Shareable links

The ciphertext lives in the URL fragment (#gzip:base64url:hpke:jwe:…) — it never reaches a server.

JOSE & COSE

Encrypt to JSON (JWE) or CBOR (COSE_Encrypt0) envelopes from the same public key.

Post-quantum ready

HPKE brings KEMs — including ML-KEM hybrids — within reach of JWE.

Runs on Web Crypto

Browser, Node, Deno, and Bun — no native bindings, no server round-trip.

Built on panva/hpke

A fresh, tested implementation on top of panva/hpke and panva/jose.

How it works

01

Generate a key

Create an HPKE-0 (P-256) key pair in your browser. Keep the private key; share the public one.

02

Encrypt a message

Compose text and seal it to the public key — pick Integrated or Key Encryption, JOSE or COSE.

03

Share the link

You get a /decrypt#… link. The recipient opens it and drops in their private key to read it.

Try it

Generate a key, then encrypt a message to it and share the link.

Recipient key
Generate an HPKE-0 (P-256) key pair. Keep the private key; share the public key.
Generating…