PadLock


Disposable-Key Cipher (DKC)

1260123538 UE

Padlock is a Javascript-based I.C.S. interface that allows you to perform a One-Time Pad encryption or decryption process with support for multiple numeral systems.

Javascript must be enabled to utilize this program.

For instructions or to browse the Frequently Asked Questions (FAQ) section please read below.


Numeral Systems


Plaintext (Message)


Key


Ciphertext




Documentation

01. How to Operate

There are five main controls associated with Padlock: Numeral Systems, Plaintext, Key, Ciphertext and the Encrypt/Decrypt buttons.

Additionally there are two optional controls: Obfuscate and Preserve Special Characters.

NOTICE: To use this application you must have a pre-generated key. This program does NOT generate keys for you; it only uses the key(s) you supply.

For resources to generating keys please see our answer to the 'Where can I generate keys?' question in our FAQ section.

1.1 Encrypting

A). Select the numeral system (see Numeral Systems) used when generating your key.

B). Input your covert communications into the text area labeled 'Plaintext (Message)'.

Characters used that are considered outside the selected numeral system will be considered invalid and removed unless Preserve Special Characters is enabled.

Blank spaces, however, are always preserved.

C). Paste your key into the text area labeled 'Key'.

D). Click the 'Encrypt' button.

Padlock will process your message according to the key you supplied and generate the needed ciphertext.

The ciphertext is the only piece of information you transmit.

1.2 Decrypting

A). Select the numeral system used during the encryption process of the ciphertext.

B). Add the ciphertext into the text area labeled 'Ciphertext'.

Characters used that are considered outside the selected numeral system will be considered invalid and removed unless Preserve Special Characters is enabled.

Blank spaces, however, are always preserved.

C). Paste your key into the text area labeled 'Key'.

D). Click the 'Decrypt' button.

Padlock will process your ciphertext according to the key you supplied and reveal the secret message (plaintext).


02. Frequently Asked Questions

2.1 "What is this program and what can it do?"

This application is a Javascript-based encryption and/or decryption algorithm based off the One-Time Pad (OTP) cipher.

Our hopes are to automate the otherwise tedious manual task of adding and subtracting characters. By combining modern technology with a proven and secure cipher we wish to offer a service to OTP operators.

When encrypting; Padlock will find the sum of the plaintext and key that were supplied by the user. When decrypting; the program will find the difference of the ciphertext and key supplied by the user. All of this is done with a modulus according to the numeral system selected.

The results are outputted as ciphertext or plaintext, respectively.

2.2 "What is a One-Time Pad?"

A One-Time Pad is an encryption/decryption cipher easy enough to implement in a low-tech environment (one only needs a pencil and paper) and is considered a 'classical cipher'.

When an OTP is properly utilized it is theoretically unbreakable.
This is not an exaggeration: The cipher has been mathematically proven to be virtually impossible to crack despite the computational power, time or expertise an eavesdropper may posses.

No other cipher currently known to man can claim such a feat.

The foundation of the crypto can be illustrated in the simplicity of the equation 1 + 1 = 2.

When two numbers are added together they render a sum.
This sum, when by itself, offers no information on what individual numbers were combined to form it.

The number seven, for example, could have been composed by adding one with six, or two with five, or three with four and so on. When an eavesdropper only has the number seven to work with; they have zero leads on what two individual parts were used to form the number.

Learn more about One-Time Pads...

2.3 "Is any information being sent over a network?"

Absolutely not. This program was built from the ground up with privacy and security in mind. Every part of Padlock is Javascript-based and only uses client-side commands.

In fact this application can even be run from an off-grid computer (a machine disconnected from the Internet or perhaps any other network).

Of course don't take our word for it: We encourage you to verify the integrity of the source code of this application.

See why we chose Javascript for this program...

2.4 "What are numeral systems?"

Numeral systems are bases of numbers used in mathematics, science and technology fields (as well as many others). The most common numeral system is base 10, also known as the Decimal system which ranges from zero (0) to nine (9).

Some numeral systems are very simple; such as the Binary system which consists of only two numbers: zero (0) or one (1). Other numeral systems are quite large; such as base 36 which uses letters to represent numbers higher then nine (9).

A numeral system such as base 36 would range from zero (0) to nine (9) just as the decimal system does; then continue to A, followed by B, then C and so on until it ends at Z (for a total of 36 possible values).

Which numeral system to use depends largely in part on what kind of information you wish to encrypt, how the information will be transmitted, and who or what will be reading it.

If, for example, you wanted to encrypt information in a manner that a computer could read and understand it, binary might be the right choice. However if you wanted something more human-readable base 26 (alphabetical) or base 36 (alphanumerical) might be the one for you.

Learn more about numeral systems...

2.5 "Where can I generate keys?"

The security of the One-Time Pad cipher hinges on the key. When a key is properly prepared and utilized the encryption is theoretically unbreakable. However, if the key is poorly generated or mismanaged your message can be compromised.

Padlock does not generate keys. However there are free services one can take advantage of to generate secure keys.
Whatever service you choose it is always recommended that your key be completely random, kept secret, used ONLY once and properly deleted.

The following are a few services worth investigating; each with their own pros and cons:

  • Fourmilab.ch - Pseudo-Random One-Time Pad Key Generator
  • Random.org - True Random Number/String Generator
  • Lavarnd.org - Cryptographically Secure Random Number Generator

Be aware there are many other ways and services to generate either true or pseudo random numbers (such as the /dev/random device in unix-based platforms).

Learn more about random number generation...

2.6 "Why is this application written in Javascript?"

SECURITY: Javascript is what's called a 'client-side' language. This means all the operations that occur within Padlock occur on the local machine running it and nowhere else.

No data is sent over a network or to a remote server. Eavesdropping techniques such as packet sniffing or other network-based 'man-in-the-middle' attacks are impossible during encryption/decryption.

This application can even be run from an off-grid computer (a machine disconnected from the Internet or perhaps any other network).

FREEDOM: This program only requires a compatible browser to operate. It is platform independent and requires no special software to run.

It does not need to 'phone home' to a remote server so it's services will never rise or fall on the fate of an external domain.

This application can be saved and used elsewhere. All one has to do is save this page. To use, modify, copy or share Padlock with someone else (see 'Is Padlock copyrighted?') simply select the 'File' menu on your browser and select 'Save As' or 'Save Page As'.

TRANSPARENCY: The code written to make up this program is open source. Anyone can view any line of the code simply by right clicking somewhere on the page and selecting 'View Source' (if running Internet Explorer) or 'View Page Source' (if running Firefox). Every command is open to the world to study, scrutinize and test insuring there are no bugs (unintentional mistakes) or malicious commands hidden within.

Ironically it is this transparency that insures the secrecy of your messages.

2.7 "Is Padlock copyrighted?"

Yes, it was copyrighted to Kyle Mecklem in 2009.

However Padlock is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

See the GNU General Public License for more details. You can receive a copy of the GNU General Public License by visiting
http://www.gnu.org/licenses.


03. Troubleshooting

A lot of pride is behind the creation of Padlock. Many man hours have gone into writing and rewriting the underlying code, troubleshooting and editing various elements of this document. Most (if not all) of the bugs have been hammered out before Padlock ever went live.

However, an occasional bug may still be lurking behind the scenes. If you discover a glitch or mistake please inform the original author so the problem can be fixed immediately.

Please properly study the underlying code of this application as there is NO guarantee it will work poperly (if at all) or that the security of this software has not been compromised.


Thank you for taking the time to visit and/or contribute to Padlock!