All my crypto apps updated

It’s a fairly small change, but one that may mean much. The versions I just pushed out include an icon on the toolbar, plus sometimes a special button, in order to download encrypted and decrypted files loaded in the box as a link. This gets around the file size restriction of the right-click and “save as…” method that was used until now, especially on Chrome. I’ve been able to load and save files over 1 GB in size. Then you can attach them to a regular email, for instance. This affects the following apps: PassLok Privacy, PassLok for Email, PassLok Universal, FusionKey, SeeOnce, and URSA.

2 thoughts to “All my crypto apps updated”

  1. I have just read your articles on bookpad (I realize that they are somewhat dated). One important point that you made was the use of well known texts (e.g.,, NYTimes articles, etc. and you stated that the sum of these texts would produce approximately 2^40 texts available at that time. It is quite easy to dramatically increase the number of source texts in generating keys that begin to make the processing of all texts infeasible. I have outlined some of these steps in my own (practically invisible blog) on linkedin, that an alternative encoding method is to select one of many possible cryptographic hash functions, break the source text into chunks matching the hash size, and hash each chunk with the text. You can increase entropy by compression of the source text prior to hashing and you can use a “seed” text that is prefixed or suffixed to each chunk prior to hashing. Last, but not least, you don’t need to limit yourself to text sources. For example, there are will known sources of binaries (all possible architectures of git source programs or latest releases of Ubuntu, Red Hat, Raspberry Pi OD,, etc.). These can be chunked, seeded and hashed in a similar fashion, greatly increasing the number of possible “books” to use in this fashion. The great thing about this is that the variety of hash codes combined with seeds can generate a VERY large number of OTPs from a single source input. Existing Raspberry PI computers can generate OTPS for shared communications with a smaller number of securely generated pieces of information: 1) source text, 2) hash key, 3) compression, 4) byte swapping and 5) seeds used for each “chunk” of source text mapped to hashed OTP output. Each party can independently generate OTPs from this information for generating as many OTPs as they need for communication.

    1. Yes, BookPad has long been surprised by some other algorithms I’ve published here. The main point of BookPad, however, still remains, and this is that you can collect a lot of entropy from simple text, using very simple calculations such as modulo addition. The BookPad algorithm is simple enough to be done by hand, and it does not involve any kind of pseudorandom number generator. If you are willing to risk using a computer, then you can use much more complex algorithms, such as hash functions. This is how the “pad mode” of encryption incorporated into my PassLok Privacy app works: The user loads a large piece of text as key, which gets hashed with SHA256 in order to make it appear random. More recently, I wrote a post on this blog introducing BytePad, which takes any file and performs a sort of hash based on a Lagged Fibonacci Generator. The result is reversible back to the original unless you also perform a final step where one half of it is combined with the other half, to yield a very secure pseudorandom file half the length of the original. There are a number of additional parameters that will produce different results when tweaked, so that one source file can produce many pseudorandom files, as you suggest. It is also very fast. Just for kicks, I loaded the King James Bible ( version) with all default parameters, and it performed the operation in roughly one second on a 2009 iMac.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.