Encrypt / Decrypt

Symmetric AES-GCM encryption with PBKDF2 key derivation (100,000 iterations, SHA-256). Two user-supplied secrets — Salt and Pepper — are concatenated as the passphrase. Both are required to decrypt; the secret can be split between two parties so neither alone can read the message. All processing client-side via WebCrypto.