PassLok for Email enters beta

logo v2-440x280 emailJohnny can’t encrypt. It’s no use. . . . This is what has been said repeatedly about mere mortal users and encryption, which forever has been the domain of black chambers and mathematical geniuses. Scores of companies have tried to get around this problem by hiding encryption in their servers, far away from users’ eyes.

And yet, studies have shown that this creates another problem: if I can’t see any of the encryption, how can I relax and be sure that this message where I’m risking my career, maybe my life, is truly away from prying eyes? Just because the software tells me to relax?

PassLok does not hide encryption from users, and it tries hard to make it accessible. This is why the next step in its development is so important. PassLok for Email is a new Chrome extension that adds PassLok encryption to regular web-based email apps. Its beta, which supports Gmail, Yahoo, and Outlook online, has just been released for public testing.


The FBI won’t like this post

villainI fully expect to start hearing funny clicks on my cellphone or see people in trench coats behind me after finishing this. Perhaps you, who are reading the article, will have a similar experience.
The reason? Here I’m telling you why all the current debate on whether the FBI and other law-enforcement agencies should have access to an individual’s encrypted information is moot, because that individual doesn’t really have to rely on anyone else in order to thwart that effort. (more…)

Chaos from Order

order_chaosA9_v2Sounds like a play on words, doesn’t it? And yet, this is exactly what I mean. Sixty years ago, renowned mathematician John von Neumann, published a little trick that allowed using a biased coin, where heads and tails do not come out at 50-50, to generate a true, unbiased, 50-50 random sequence. It turns out that this trick can be extended to larger sets, such as alphabet letters, in order to generate what appears to be a true random sequence of letters (chaos) from common text (order, unless you’re starting from a political speech or your latest cellphone bill).

The result, as you probably have already guessed, is yet two more paper-and-pencil ciphers, DicePad, and LetterPad, that come dangerously close to perfect unbreakability. (more…)

Three new ciphers from the early XIII century

Back in 1202, the Italian mathematician Leonardo Bonacci, also known as Fibonacci, included in his book “Liber Abaci” (Book of Calculation) a sidebar illustrating how quickly rabbits breed. It seems that his primary goal, in addition to raising some awareness about the population explosion experienced by those animals back then, was to show how Indo-Arabic numbers (which for the first time included the zero) could be used in a calculation of practical importance.

The rest is history. The zero caught on and the sidebar calculation, which became known as the “Fibonacci sequence,” occupied mathematicians for the next eight centuries. We don’t know, however, what exactly happened to the rabbits; but their population growth must have been checked somehow, otherwise now we’d be swimming in a sea of rabbits hundreds of meters deep.

One of the things that the Fibonacci sequence is good for is to generate a series of apparently random digits, if we only keep the last digit of every operation. This can be used for encryption, although it has to be done right. Well, after a couple of false starts, which you can read about in this article, I think I finally cracked it, and the result is three new ciphers: “Numeracci”, “Letteracci”, and “Subtracci.” (more…)

Extracting randomness from text

trithemiusMy BookPad cipher seems to be closely related to the running key cipher, since both take a long piece of text from a book and use it as key to encrypt a plaintext. Yet while the running key cipher can be broken easily, BookPad offers a level of security comparable to that of a one-time-pad. In this article, I try to explain why in layman’s terms. As a bonus, I introduce TripleText, a variant of BookPad where all the operations are done directly with letters.

A little spoiler: not much prevented the guy on the left from discovering this, back in the early XVI century. Had he discovered it, history might have turned out quite different.


Cracking the BookPad cipher

BookPad is a paper and pencil “one-time pad” cipher, described in this other post. Real cryptographers are leery of ciphers claiming to be incarnations of the unbreakable one-time pad for good reasons, the best of them being that true one-time pads must contain perfectly random numbers, which not even a computer can produce. In this post, therefore, I put on my cryptanalyst’s hat and attempt to break a longish message encrypted with BookPad.

Who will win? Find out after the break. (more…)

All my apps updated

Just a few lines to make aware of nice updates to all my current apps: PassLok, SeeOnce, URSA, and BookPad:

PassLok 2.2.8: now includes the theoretically unbreakable Pad mode, inspired by the one-time pads used by spies during the Cold War. To use it, simply enter a large piece of text (from a book or encoded file) after clicking Edit. Items locked this way can be unlocked in URSA, and vice-versa.

SeeOnce 1.0.2: changing your Password no longer interrupts ongoing conversations. Simply start using a new Password, and supply the old one whenever SeeOnce asks you for it.

URSA 4.0.1: adds Pad mode as in PassLok. To use it, simply enter a large piece of text into the Key box. Output is compatible with PassLok.

BookPad 1.0: the new kid on the block. This is a variation of the unbreakable Pad mode that can be performed with pencil and paper. The app simply makes it easier to learn, but it is not strictly necessary. You can find it at

A new look at one-time pads

otpOne-time pads are the stuff of spy movies. The one unbreakable cipher was used extensively during the Cold War but was eventually overshadowed by computer-based algorithms, which are way faster than this paper-and-pencil method, and provide enough security for the time being. Even the looming threat of quantum computing seems unlikely to change this state of affairs.

But still one-time pads, in a more modern, digital incarnation, are not going away. Recently Zendo introduced a messaging app based on “one-time pads” made by a pseudo-random number generator running on a mobile device, which are exchanged between devices off-line. In this article, I discuss whether this makes any sense anymore, and what would be the simplest way to achieve this Holy Grail of cryptography, provided it is possible at all, using modern digital tools. (more…)

BookPad, a paper and pencil “one time pad” cipher

one-time-padsIn another article, I describe how text taken from a book in your library can possibly be used to serve as a one-time pad of sorts, since normal text also contains some unpredictability. The trick is to use a piece of text from an agreed-upon book that is five times the length of the plaintext. That method uses a computer-based hash function, but in this article I tell you how to obtain good security from simple paper and pencil calculations, actually using a key text out of the book that is only three times the length of the plaintext.

This cipher can be performed with pencil and paper, but in any case I have made a JavaScript version of it, which you may find useful as you read the article. It can be downloaded from


Absolute Forward Secrecy

swat-teamCase scenario: Alice and Bob are emailing messages back and forth between them. They know their email is not secure, so they use encryption to preserve their privacy. Suddenly, SWAT teams break simultaneously into Alice’s and Bob’s apartments. Their respective computers are seized and they are asked at gunpoint for their encryption keys. Can their prior conversation, which has been duly recorded before the break-in, remain private?

Answer: it can, but it requires a very stringent form of secrecy, which I will call Absolute Forward Secrecy (AFS). This is one step beyond Perfect Forward Secrecy (PFS), which is touted a lot these days. In this article, I discuss the different kinds of forward secrecy, and how to obtain the absolute kind with a minimum of hassle. (more…)