Google Chrome extension for interfacing securely with PasteBin.

Write or paste anything into a modern code editor, encrypt it right in your browser, and post it to PasteBin in one click — or skip encryption and use it as a plain Pastebin client. securebin works out of the box; add your own PasteBin API key in Settings to post under your account. To learn more about the project and its design decisions check out the Wiki page.

Get from Chrome Web StoreSee Latest ReleaseRead the Wiki

A Pastebin client

The official Pastebin extension is no longer on the Chrome Web Store — securebin fills that gap. Paste code or notes, get automatic language detection and syntax highlighting, set the title, format, expiry, and visibility, and post. Connect your Pastebin account to manage your cloud pastes.

Secure mode

Flip the lock and securebin encrypts your text locally with AES-GCM before anything touches the network. Only ciphertext is posted to Pastebin — share the link through one channel and the key through another, and only your recipient can decrypt.

What's new in v2

Version 2 is a complete rewrite of the extension with a focus on speed and polish:

Goal

The goal of securebin is to provide an extra level of privacy with 3rd party services you may use. We have natively integrated the Pastebin api to allow users to quickly upload and share encrypted text. Users also have the ability to encrypt text to their clipboard and share it with other 3rd party services like WhatsApp, Email, Etc.

Disclaimer

securebin is not designed to protect against those with physical access to your computer. Due to the nature of extension storage in Chrome, any data that is stored in the extensions history or settings tab are stored unencrypted.

Security Overview

securebin v2 is built on the browser's native Web Crypto API — all encryption and decryption happens locally, in your browser, using the same primitives the browser itself trusts.

Encryption Modes

securebin supports AES symmetric encryption in two modes for new content:

  • GCM (Default — authenticated encryption)
  • CTR

Supported key lengths are: 128, 192, 256. Ciphertexts created with CBC in earlier versions can still be decrypted, but CBC is no longer offered for new encryptions because it lacks an authentication tag.

Usage

When encrypting, users receive a randomly generated passkey or can enter their own. The passkey is used with a randomly generated 128-bit salt to derive a key using PKCS5/PBKDF2 (SHA-256).

After encryption, the following cipher text will be generated and displayed to the user.

What is public?

  • Cipher Text
  • Encryption Mode
  • IV
  • Tag (Only with GCM Mode)
  • Salt (Only with Password Encryption)
  • Key Length (Only with Password Encryption)

What is private?

  • Key
Read more in the Wiki