This document details the cryptography used in this project.
This project uses SJCL for the encryption of it's messages.
Specifically it uses the default convenience encrypt function, documented here:
http://bitwiseshiftleft.github.io/sjcl/doc/sjcl.json.html
The cipher used is AES, with a block mode of CCM and key size of 128 bits.
The secret key used for the encryption is generated by use of sjcl.random.randomWords(8) (which is 256 bits?)
While the server does not do any encryption of the message, it does provide the functionality to anonymize visitor IPs that are otherwise displayed in the Visitor Log.
It uses python's standard hmac, secrets and hashlib libraries.
It uses a construction of HMAC-SHA256(key, ip) to mask IP addresses. secrets.token_bytes(32) is used for the key to generate 32 bytes (256 bits) of securely random bytes for the key. The key is unique to the message submitted, this is so that for any message the same IP will always have the same identifier.