You don’t want to encrypt with JavaScript, especially on the client-side where it is open to tampering, and has no cryptographically secure random number generator.

I’ve tried implementing one but I had some encoding issues.

You tried to write your own encryption algo? You’ve gone against everything that the security world hold dear. No. Actual tutorials that explain how encryption works are so scared that people are going to screw things up because they don’t understand the math behind it, I’ve actually seen this in one of them:

If you don’t understand encryption, things like, what "cryptographically secure pseudo random number generator" actually is, and common attacks on it, you shouldn’t do that.

If you don’t understand things like side-channel attacks, you shouldn’t do it.

If you don’t understand what’s going on in crypto and have read at-least two books on it you have no business implementing it.

Crypto is not a magic black box, it’s something that is very VERY easy to screw up, even without touching any bit of code in a packaged solution.

What should you do? Forget about JS encryption. I know, I’ve tried it myself. It’s a waste of time. Learn from my mistakes.

Go get an SSL certificate, SSL is the best way for us to encrypt messages on the transport level from a server to a client. It’s about as secure as you can get. If you face an advesary that can defeat SSL, trust me, your JS-based crypto is also compromised.

Once it’s at the server where it’s secure from being tampered with, encrypt it. Anything else is a really long way to waste your time.

Also, go read these books:

![This one is free][4]


[![This one is cash money][5]][5]
_{(source: [schneier.com](}https://www.schneier.com/images/book-ce-150w.jpg))

Then when you understand them come back and scream at me about why I’m wrong and don’t understand how much you need JS on the client to do crypto.