This form may provide a way to send encrypted e-mail messages.
There is no need for signature, as both sender and recipient should have communicated the secret password through the secure channel.
1. If encryption that uses single secret key is used to establish a secure channel, both parties must exchange the secret key in some secure manner (face-to-face, for example).
2. Encryption or decryption should not be done on this web page, because attacker might have cracked the server and replaced the original page with his/hers version that sends him/her the secret key
3. Encryption and decryption should be done through local, off-line web page that is known to be safe. "Safe" means that the source is obtained via a secure channel from the reliable source (if You trust me, I may be the reliable source and for "secure" channel we may use the old fashioned snail-mail). Otherwise, if You are familiar with JavaScript, You maight save this page and requierd security.js file to your hard-drive, check the code to ensure that it has not been tampered with, and then use that safe page to send and receive e-mail.
4. As a general rule, single, secret key is not too good method for communication, because the attacker maight crack the secret key with the time. This imposes the need for frequent change and communication of the secret key among all the parties. Far better solution is to use well known PGP as it does not involve communication of any keys! And is far more secret and reliable and thrust wordy than algorithm presented here!
This document: http://www.inet.hr/~tsereg/jse/mailit.html