🔐 Padlock — One-Time Pad 📝

Padlock is a JavaScript-based communication-security interface that enables you to carry out One-Time Pad (OTP) encryption and decryption processes, supporting various numeral systems.


This application utilizes a JavaScript-based algorithm for encryption and decryption, inspired by the One-Time Pad cipher.

Our goal is to streamline the traditionally tedious process of adding and subtracting characters. By integrating modern technology with a reliable and secure cipher, we aim to provide a valuable service to OTP operators.

How to Use Padlock

Generating One-Time Pads

  1. Access the OTP Generation Feature:

    Navigate to the "Generate Pads" section from the top tabs.

  2. Specify a Source:

    Choose either Random or Seed to be the source of your OTP generation.

    If seed is selected, you'll also need to provide a secret seed.

  3. Specify Amount:

    To create multiple one-time pads, enter the desired quantity of pads in the provided input field.

  4. Specify OTP Length:

    Enter the desired length of the OTP in the provided input field. The length should match (or exceed) the length of the message you intend to encrypt or decrypt.

  5. Specify OTP Character Set:

    Choose the desired character-set of the OTP in the provided drop-down list. There are numerous character-sets available, such as binary, decimal, alphabetical, and more. Some character-sets allow you to specify a casing (e.g. all upper-case letters).

  6. Generate the OTP:

    Click the "Generate" button. The app will create a pseudo-random string of characters (letters, numbers, and symbols, depending on the character-set chosen) of the specified length.

    The generated OTP will be displayed on the screen, unless you enabled the "Hide Pads" option. Each OTP has a few controls at the top of the pad that let you either copy the pad to the clipboard, use it as a send key, or use it as a receive key.

    To verify that both the sender and receiver successfully produced the same OTP, each pad is assigned a specific pad id that is also a checksum. If in doubt, transmit the OTP's pad ID to verify the pads are the same.
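One way to carry out the "Random" generation step without modulo bias, as an added example that is not Padlock's own code. The page does not say how Padlock draws its characters, so the character-set table and all function names here are assumptions.

```javascript
// Added example: unbiased pad generation over a chosen character set.
// CHARSETS and every function name are illustrative, not Padlock's.
const CHARSETS = {
  binary: '01',
  decimal: '0123456789',
  alphabetical: 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',
};

// Browsers and recent Node expose Web Crypto as globalThis.crypto;
// older Node versions only offer it through the crypto module.
const webCrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

// Largest multiple of n that fits in one byte. Bytes at or above this limit
// are discarded, so that `byte % n` is uniform over 0..n-1. Without this
// step, a 10-symbol set would favour the digits 0-5 (256 = 25*10 + 6).
function rejectionLimit(n) {
  if (!Number.isInteger(n) || n < 2 || n > 256) {
    throw new RangeError('character set must contain 2..256 symbols');
  }
  return 256 - (256 % n);
}

// Map raw bytes to pad characters, skipping bytes that would cause bias.
// Pure function, so it can be checked against fixed input.
function bytesToPad(bytes, charset, length) {
  const limit = rejectionLimit(charset.length);
  let pad = '';
  for (const b of bytes) {
    if (pad.length === length) break;
    if (b < limit) pad += charset[b % charset.length];
  }
  return pad; // may be shorter than `length` if many bytes were rejected
}

// Generate one pad from the platform CSPRNG.
function generatePad(charsetName, length) {
  const charset = CHARSETS[charsetName];
  if (!charset) throw new Error(`unknown character set: ${charsetName}`);
  if (!Number.isInteger(length) || length < 1) {
    throw new RangeError('length must be a positive integer');
  }
  let pad = '';
  while (pad.length < length) {
    // getRandomValues accepts at most 65536 bytes per call.
    const need = Math.min(65536, (length - pad.length) * 2);
    const bytes = webCrypto.getRandomValues(new Uint8Array(need));
    pad += bytesToPad(bytes, charset, length - pad.length);
  }
  return pad;
}

// Generate several pads of the same length, as the "Amount" field does.
function generatePads(charsetName, length, amount) {
  return Array.from({ length: amount }, () => generatePad(charsetName, length));
}
```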

Encrypting and Decrypting

  1. Access the Encryption Feature:

    Navigate to the "Encrypt/Decrypt" section.

  2. Specify OTP Character Set:

    Choose the desired character-set of the OTP in the provided drop-down list. This should be the same character-set used when generating the one-time pad. For example, if a binary OTP was generated, the character-set should also be set to binary.

  3. Input the Message:

    Type the plaintext message you want to encrypt, or the ciphertext if you intend to decrypt, in the specified text area. Make sure that the length of the message does not exceed the length of the OTP/key.

  4. Input the OTP as a Key:

    Paste the OTP into either the send key or receive key. You can use different one-time pads for both key types if you prefer. Using a different OTP for the send key and the receive key helps prevent an operator from accidentally reusing the same part of a key, which could lead to security vulnerabilities or decryption problems. It also reduces the risk of keys getting out of sync, since encrypting and decrypting messages are handled separately for each operator.

    If you ever suspect that the sender and receiver are using mismatched keys or that the keys are out of sync, operators should share the "length" and "checksum" values located below each key. This information can help re-sync their keys and ensure they have the same composition.

  5. Encrypt/Decrypt the Message:

    Click the "Encrypt" button (if encrypting a plaintext message), or the "Decrypt" button (if decrypting a ciphertext). The app will perform the encryption/decryption using the OTP as the key and display either the ciphertext or plaintext on the screen.

  6. Save & Load Progress:

    You have the option to click the "Save" button to store your progress and settings as a JSON file. This allows you to easily resume your work later. To import previously saved settings and progress, simply click the "Load" button and select the desired JSON file.

Ways to Use Padlock

Secure Communication

A one-time pad can be used for secure communication by employing a random key (the pad) that is as long as the message itself. The process begins with the generation of a key, which consists of random characters, numbers, or symbols and is kept secret between the communicating operators. When the sender, for example, Alice, wants to send a secure message, she converts her plaintext into numerical values and adds the corresponding values of the key, using modular arithmetic to wrap around if necessary. This results in the encrypted ciphertext, which she then transmits to the receiver, Bob. Upon receiving the ciphertext, Bob converts the same key (pad) into numerical values and subtracts the key values from the ciphertext, again applying modular arithmetic to retrieve the original plaintext message.

The security of the one-time pad lies in its design: as long as the one-time pad (key) is truly random, used only once, and kept confidential, it provides perfect secrecy. Without access to the key, the ciphertext remains indecipherable, ensuring that the communication between Alice and Bob is secure.

With Padlock, this process becomes highly automated, making secure communication easier. This app can generate random (and pseudo-random) keys and also perform the encryption and decryption processes seamlessly.

For technical instructions on how to use this app for secure communication, see the How to Use Padlock section.

Password Management

With Padlock, you can securely store passwords for various credentials, all while only needing to memorize one single master-password. Here's how the process works:

  1. Set up a secure storage: Create a file, spreadsheet, or database to store your credentials. Encrypt this storage for added security.
  2. Create a master-password: Come up with a long (at least 16 characters), complex master-password that you will commit to memory. Do not write it down anywhere.
  3. Generate random passwords: For each credential you have, randomly generate a password-like string of the same length and character-set as your master-password. Save this random string with the credential details in your encrypted storage.
  4. Derive actual passwords: When you need to use a credential:
    1. Type your master-password into the "receive key" field of this app.
    2. Copy and paste the random string associated with that credential into the "ciphertext" field.
    3. Click the "Decrypt" button.
    4. The resulting plaintext is the actual password you can use.

The primary idea of this method is that the master-password and the random string work together to derive the real password. Even if an attacker gets your encrypted credential storage, they can't access the passwords without your master-password.

An alternative to memorizing a complex master-password would be to instead memorize a Seed, and use that seed to generate the master-password.

File Encryption

Padlock can be used to encrypt small files.

It should be noted that file encryption is not the primary use-case for this app, and the app is highly inefficient at it. In most cases, there are far superior methods of encrypting files on a computer (such as AES, RSA, ECC, or full-disk encryption like BitLocker, FileVault, or dm-crypt).

Due to the limitations of this app, it's not recommended to encrypt files larger than 10 megabytes in size. You can split larger files into separate pieces with the split command, or encrypt a file with one of the modern methods outlined above, then use this app to encrypt the key needed to decrypt the file.

File Encryption

To encrypt a file, follow the steps below:

  1. Archive & Compress: Compress the file (or files) you want to encrypt by adding them into a compressed archive. As an added security layer, use the archive's built-in encryption method to encrypt it.

    7z a -t7z -mx=9 -mhe=on -p"YourStrongPassword" archive.7z secret1.txt secret2.png secret3.pdf

    Where "YourStrongPassword" would be changed to a secure password of your choice; and the files listed would be the names of the files you want to encrypt.

  2. Convert to Base64: Convert the archive into a base64 text file.

    base64 -w0 archive.7z > archive.7z.b64

  3. Get Word Count: Determine the character length of the base64 file. This will be needed in the next step.

    wc -c archive.7z.b64

  4. Generate Key: Navigate to the "Generation" section of this app to create a random or pseudo-random key. The key's length must equal or exceed the character length of the base64 file (as determined in the previous step). If you used the 'random' source to generate the key, you'll need to save the key as a file in order to retrieve it at a later time. If you used the 'seed' source to generate the key, you only need to remember (or write down) the seed—but be aware of any presets used.
  5. Use Key: Click the "Use as Send-Key" button above the generated one-time pad (key). This will automatically send a copy of the key to the 'send key' field.
  6. Encrypt Base64: Navigate to the "Encrypt/Decrypt" section. Next, open the base64 file (e.g. "archive.7z.b64"), and copy-paste its contents into the plaintext field. Click the "Encrypt" button.

    This will encrypt the file, though it may take several minutes to complete, depending on the file's size.

  7. Save Encrypted File: Click the "Save" button. This will save the current session as a JSON file with the encrypted base64 data as the ciphertext.

File Decryption

To decrypt an encrypted file, follow the steps below:

  1. Load the File: Navigate to the "Encrypt/Decrypt" section and click the "Load" button. Load the JSON file created during the encryption phase above.

    This will load the encrypted file into the "Ciphertext" field.

  2. Paste Key: Paste the key that was created during the encryption phase into the "receive key" field. If the key was created with the 'seed' source, you may need to re-create it.
  3. Decrypt File: Click the "Decrypt" button to decrypt the file. It may take several minutes to complete, depending on the size of the file.
  4. Copy to Base64: Copy the resulting plaintext and paste it into a text file, then save the base64 file (e.g. "archive.7z.b64").
  5. Convert to Binary: Convert the base64 file back into the binary archive.

    base64 -d archive.7z.b64 > archive.7z

    Where "archive.7z.b64" is the name of the base64 file and "archive.7z" is the name of the archive.

  6. Extract Archive: To extract the decrypted archive, run this command:

    7z x archive.7z

    Where "archive.7z" is the name of the archive.

Zero Knowledge Proof

Padlock serves as an effective tool for implementing a Zero Knowledge Proof. This cryptographic technique enables one party (the prover) to demonstrate to another party (the verifier) that a statement is true without disclosing any additional information beyond that verification.

This method is particularly beneficial for authentication purposes, such as remotely confirming your identity or validating someone's knowledge on a specific topic. To utilize this technique, follow these steps:

  1. Choose Seed: Go to the "Generation" section of the app, and opt to generate using a seed.
  2. Pick Pepper: Select an appropriate preset for the pepper (for instance, 30 seconds). The output will refresh at the selected interval.
  3. Choose Character Set: Decide on a suitable character-set (e.g., "decimal") and length (like 6 digits) to ensure clear communication. If the prover must verbally recite their answer, keep it simple—consider an uppercase three-digit "clear code."
  4. Share Settings: Ensure both parties share this app and the settings selected, so that Padlock is configured the same way on both ends.
  5. Ask a Question: The verifier will pose a question that they wish the prover to answer correctly, such as, "What was the name of the café where we first met?"
  6. Answer the Question: The prover inputs their answer into the seed field and generates the key, then responds to the question using that key (e.g. "431945").
  7. Verify Knowledge: The verifier repeats the previous step. If both parties provide identical answers, the generated keys will be the same, confirming that both parties possess the correct answer without having to disclose what it is.
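The question-and-answer exchange above, written for Node.js as an added example that is not Padlock's own code. HMAC-SHA-256 over a time-window counter is an assumed stand-in for Padlock's seed and pepper generator, which this page does not specify; the answer normalisation and the one-window grace period are also assumptions.

```javascript
// Added example (Node.js). Function names are illustrative, not Padlock's.
const { createHmac, timingSafeEqual } = require('node:crypto');

// Both sides must type the answer identically, so fold case, accents and
// spacing first: "Café  Central" and "cafe central" become the same seed.
function normaliseAnswer(answer) {
  const seed = answer
    .normalize('NFKD')
    .replace(/\p{M}/gu, '') // strip combining accents left by NFKD
    .toLowerCase()
    .replace(/\s+/g, ' ')
    .trim();
  if (seed.length === 0) throw new Error('answer must not be empty');
  return seed;
}

// The pepper: which interval the given Unix time (in seconds) falls into.
function windowIndex(unixSeconds, interval = 30) {
  return Math.floor(unixSeconds / interval);
}

// Code for one specific window: HMAC keyed with the answer, over the counter.
function codeForWindow(answer, index, digits = 6) {
  const counter = Buffer.alloc(8);
  counter.writeBigUInt64BE(BigInt(index));
  const mac = createHmac('sha256', normaliseAnswer(answer))
    .update(counter)
    .digest();
  // 64 bits reduced modulo 10^digits: the bias is negligible at this size.
  const value = mac.readBigUInt64BE(0) % 10n ** BigInt(digits);
  return value.toString().padStart(digits, '0');
}

// Prover: turn the answer into the code to read out (step 6).
function responseCode(answer, unixSeconds, interval = 30, digits = 6) {
  return codeForWindow(answer, windowIndex(unixSeconds, interval), digits);
}

// Verifier: recompute from the expected answer and compare (step 7).
// The previous window is also accepted, so a code read out just before
// the refresh is not rejected a few seconds later.
function verifyResponse(expectedAnswer, code, unixSeconds, interval = 30, digits = 6) {
  const now = windowIndex(unixSeconds, interval);
  return [now, now - 1].some((index) => {
    const expected = Buffer.from(codeForWindow(expectedAnswer, index, digits));
    const given = Buffer.from(String(code));
    return given.length === expected.length && timingSafeEqual(given, expected);
  });
}
```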

Frequently Asked Questions

What is a One-Time Pad?

An Example of a classic One-time Pad

A one-time pad (OTP) is a method of encryption that uses a single-use pre-shared key or pad that is as long as the message being sent. The key consists of random characters, and each character of the plaintext message is combined with a corresponding character from the key using modular addition (typically modulo 26 for letters).

When an OTP is properly utilized, it is theoretically unbreakable. This is not an exaggeration; the cipher has been mathematically proven to be virtually impossible to crack, regardless of the computational power, time, or expertise an eavesdropper may possess.

No other cipher currently known to man can claim such a feat.

The foundation of this cryptographic method can be illustrated by the simplicity of the equation: 1 + 1 = 2

When two numbers are added together, they produce a sum. This sum, when considered alone, offers no information about the individual numbers that were combined to form it.

For example, the number seven could have been composed by adding one and six, two and five, three and four, and so on. When an eavesdropper only has the number seven to work with, they have no leads on what two individual parts were used to create that number.
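The add-and-subtract process described under Secure Communication and in this answer, as an added example that is not Padlock's own code (function names and the sample messages are constructed for illustration). It goes one step further than the text: `keyFor` shows that every same-length candidate plaintext has a key that explains the ciphertext, and `difference` shows what leaks when one key is used for two messages.

```javascript
// Added example: one-time pad over any character set, using modular
// addition to encrypt and modular subtraction to decrypt.
const ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';

// Convert text to numeric values (each character's position in the set).
function toValues(text, charset) {
  return Array.from(text, (ch) => {
    const v = charset.indexOf(ch);
    if (v === -1) {
      throw new Error(`character ${JSON.stringify(ch)} is not in the character set`);
    }
    return v;
  });
}

// Add (sign = +1) or subtract (sign = -1) key values, wrapping modulo the
// size of the character set. The key may be longer than the text; only the
// first text.length characters are consumed.
function combine(text, key, charset, sign) {
  if (key.length < text.length) {
    throw new RangeError('key is shorter than the message');
  }
  const n = charset.length;
  const t = toValues(text, charset);
  const k = toValues(key.slice(0, text.length), charset);
  return t.map((v, i) => charset[(((v + sign * k[i]) % n) + n) % n]).join('');
}

const encrypt = (plaintext, key, charset = ALPHABET) =>
  combine(plaintext, key, charset, +1);
const decrypt = (ciphertext, key, charset = ALPHABET) =>
  combine(ciphertext, key, charset, -1);

// Position-by-position subtraction of two equal-length strings.
function subtract(a, b, charset = ALPHABET) {
  if (a.length !== b.length) throw new RangeError('lengths differ');
  return combine(a, b, charset, -1);
}

// The "seven could be one plus six" point: for ANY candidate plaintext of
// the right length there is a key that produces the observed ciphertext,
// so the ciphertext alone cannot tell the candidates apart.
const keyFor = (ciphertext, candidate, charset = ALPHABET) =>
  subtract(ciphertext, candidate, charset);

// Why a pad must be used only once: when two ciphertexts were made with
// the same key, the key cancels out and their difference equals the
// difference of the two plaintexts.
const difference = (c1, c2, charset = ALPHABET) => subtract(c1, c2, charset);
```

With the constructed key `XMCKL`, `encrypt('HELLO', 'XMCKL')` gives `EQNVZ`, while `keyFor('EQNVZ', 'LATER')` gives `TQURI`, a different key under which the same ciphertext decrypts to `LATER`.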

Early Development

The concept of the one-time pad was first described by the American inventor and cryptographer Gilbert Vernam in 1917. Vernam, who was working for AT&T, developed a system that used a tape of random characters to encrypt messages. This method was later refined by Joseph Mauborgne, who introduced the idea of using a key that is as long as the message itself.

World War II

During World War II, simple encryption methods, particularly one-time pads (OTPs), played a crucial role in the communications of the French Resistance and the intelligence efforts of British and American forces against the Axis powers. The French Resistance utilized OTPs to securely transmit vital information about enemy movements, sabotage operations, and logistical support to their allies, ensuring that sensitive details remained confidential and protected from German interception. Meanwhile, British and American intelligence agencies employed OTPs to communicate with resistance fighters and coordinate operations, leveraging the pads' theoretical unbreakability to safeguard their messages. This secure communication was essential for planning and executing missions, such as the D-Day invasion and other covert operations. The use of OTPs exemplified the importance of secure communication in wartime, enabling collaboration among disparate groups and contributing to the overall success of the Allied efforts against the Axis powers.

Post-War Developments

During the Cold War, one-time pads were a crucial tool for secure communication among intelligence agencies and spies. Agencies like the CIA and KGB relied on OTPs to protect sensitive messages, ensuring that critical information regarding espionage, paramilitary operations, and diplomatic negotiations remained confidential.

One-time pads were employed in number stations—enigmatic radio broadcasts that transmitted coded messages to spies in the field. These broadcasts typically featured sequences of numbers read by a synthesized voice, which agents would intercept via radio and decode using their one-time pads. Another technique involved the use of microdots, where tiny photographs containing messages were hidden within printed materials, allowing for discreet transmission of information. While the practical limitations of OTPs—such as the need for keys to be as long as the messages and the complexities of key management—restricted their widespread use, they were reserved for the most sensitive communications.

Modern Usage

In modern times, while more sophisticated encryption methods like asymmetric encryption dominate Internet communications due to their practicality and efficiency, one-time pads (OTPs) still hold significant value because of their unique security characteristics. OTPs provide theoretical unbreakability and can be implemented with just pencil and paper, allowing them to be integrated into almost any communication medium. This contrasts with modern encryption, which is often hidden from users and may contain secret backdoors or be vulnerable to eavesdropping and key mismanagement in compromised environments, such as on computers not owned or controlled by the user. As a result, OTPs remain relevant for highly sensitive communications where absolute security is paramount.

How Do I Share Seeds?

Before two operators can use the same one-time pad for secure communication, they must first share either the entire pad or a seed that can be used to generate identical pads.

Field Radios Require Encryption

Imagine you, a radio operator deep behind enemy lines, want to send an encrypted message to your commander, and you want to ensure that only they can read it. To do this, you need to use either a one-time pad or a seed for generating a one-time pad, that only you and your commander know. But before you can start transmitting secret messages, you need to find a way to share this key with your commander without the enemy intercepting it.

This is a challenging problem that has plagued secure communication since the dawn of encryption. Luckily, with the advancements in technology and tactics, it's now easier than ever to share this secret seed securely; although no one method is perfect. Here are some common ways to share a one-time pad or seed with another operator, without letting the enemy intercept it:

Presharing

If you and your fellow operator are currently together and anticipate being separated in the future, take a proactive step to ensure secure communication. Before parting ways, exchange a secret seed or one-time pad. This pre-shared secret will serve as the foundation for secure future communications. When you need to transmit sensitive information later, you can immediately begin exchanging messages securely, using the pre-shared codebook to encrypt your transmissions.

Out-of-Band

Out-of-band (OOB) communication refers to any message exchanged outside the main frequency or channel being used for communication. For instance, if two operators will primarily send coded messages over their radio sets, they might first agree to share a secret one-time pad or seed through semaphore flags, a secure courier, or a morse-code line. In this scenario, any enemy listening in on the radio transmissions would be unable to intercept the OOB message. The operators would be able to secretly exchange seeds; and thus keep their radio communications secure.

Ephemeral Secret

An ephemeral secret is a type of OOB communication where the operators share a secret seed or one-time pad via a location or source that disappears (or is destroyed) shortly after being accessed. This method should only be used when both parties are certain that there are no active real-time attackers; or when the enemy agents are significantly delayed in their response.

The most effective type of ephemeral secret is one that only you and the receiver can access by placing it behind a physical lock, password, or secret (e.g. secret location, secret compartment, etc.). That way, if an enemy agent attempts to trace your footsteps or intercept the sensitive information, they'll be stopped by the barrier.

For instance, suppose an operator, Alice, wants to share a secret seed with another operator, Bob. She can upload the secret seed to a secure web server she controls, then send Bob a hyperlink to the file. If Bob can access the file quickly, Alice can immediately delete it afterwards, preventing any enemy from accessing the secret in the future. Dead Drops operate on the same ephemeral secret principle.

Dead Drop

A dead drop is an inconspicuous or hidden physical location where two operators can leave or retrieve a secret seed or one-time pad while avoiding direct contact.

For example, Alice and Bob might agree on a specific location (e.g., a bench in a park) and a time. At a designated time, Alice would secretly leave a sealed envelope containing the seed or one-time pad. Shortly after, Bob would retrieve it. Because both parties are never at the same place at the same time, and the transfer is done secretly, it's extremely secure.

However, they're also more complicated to set up and can be risky if the location is discovered or an enemy agent gets to the package first.

Public Source

Generating a secret seed from a public source resembles the concept of an ephemeral secret, but relies on publicly accessible information instead. Think of examples like the closing stock prices in a neutral country’s newspaper, the timestamp on a coded radio broadcast, weather reports from a specific city, or even the positions of the stars and planets. If both operators have access to the same details, they can generate identical seeds for their one-time pads, no matter how far apart they are—even if one is in London and the other behind enemy lines.

Be warned: the enemy could get their hands on this public information, too. If they figure out what data is being used, they might crack the seed and unravel everything. To stay one step ahead, mix this trick with the other methods outlined here. For example, both operators could agree beforehand (pre-sharing) on exactly which obscure piece of public data to use—like the 15th word on the 3rd page of the "Neue Zürcher Zeitung" newspaper published in Zurich a year past—or stick to something that changes rapidly (ephemeral secret), like the price of a Berlin stock at noon.

Steganography

Steganography is the craft of embedding confidential information within everyday objects—such as letters, photographs, or sketches—so that the enemy sees only harmless material and is unaware that any secrets are being communicated. When paired with a one-time pad, seed, or encrypted message, steganography offers a secret way to outwit even the sharpest interrogator.

Steganography operates on the principle that information fundamentally consists of patterns. Consequently, any medium—whether matter or light—that can be arranged into specific patterns can serve as a vehicle for storing or conveying secret information. For instance, subtle modifications to commonplace items—such as a handwritten note, a propaganda leaflet, or a photograph—can effectively conceal a message within a series of hidden patterns. Alternatively, some forms of steganography do not require altering the item itself, as information also necessitates an interpreter or "reader" capable of recognizing and understanding these patterns to extract meaningful information. If an adversary is unaware of what information to extract or how to interpret it, they will be unable to comprehend the message. This principle allows two operators to agree in advance (see presharing) to use an ordinary, unmodified object, employing a predetermined method to interpret the object's inherent characteristics—such as the weight of a vase—as a basis for communication. By keeping the specific characteristics used as a shared secret, a message can be effectively hidden through steganography.

In both steganographic methods, the key to success lies in how the message is embedded and subsequently extracted. For steganography to be effective, it is crucial that both parties have a pre-arranged system in place to understand the specific steganographic technique being employed and how to utilize it for sending secret messages. Some common methods include:

Trusted Third Party

If Alice and Bob need to establish secure communication but have never met and are geographically separated, they can still do so with the help of a mutual friend, Charlie, who has secure connections with both Alice and Bob. Charlie can securely share a seed with both Alice and Bob, enabling them to establish their own secure connection. Charlie doesn't have to be a real person, either. If Alice and Bob are using the same version of this app, for example, with the same unique salts set up, they can use the secret salts as the trusted third party. However, the salts would need to remain a shared secret between both parties for this method to work.

Operational Security and Cybersecurity Manual for Handling Secret Messages on Computers

Introduction

This section outlines essential operational security (opsec) and cybersecurity (cysec) methods for securely handling secret messages on computers. Following these guidelines will help mitigate risks associated with unauthorized access, surveillance, and data breaches.

Physical Security

  1. Remove Surveillance Devices: Ensure that all audio and video surveillance devices are removed from the vicinity. This includes cameras, microphones, smartphones, and speakers (which can be reversed into microphones). Also search for hidden video, audio, and thermal surveillance devices, which may be wired, wireless, or passive. Place any devices with a wireless receiver, transmitter, or transceiver inside a Faraday cage (such as a microwave), at least two rooms away from where you operate. Ensure these devices are powered off and their batteries are removed.
  2. Close Window Shades: Close all window shades to prevent external visual surveillance.
  3. Counter Audio Surveillance: Modern audio surveillance can use laser microphones to listen through windows. To counter this, install sound baffles on the windows, turn on background noise such as music, white noise, or multiple-streams of voices, or use a windowless room.
  4. Never Write Anything Down: Written notes containing sensitive information can be intercepted by an enemy agent, and the impressions left by a pen or pencil can also be recovered from the surface underneath the page that was written on.

Hardware Security

  1. Use Personal Hardware: Only utilize one-time pads (OTPs) on computer hardware that you own and control. A government-controlled, corporate-controlled, or public-access computer could be inundated with spyware and surveillance software such as keystroke loggers, screen recorders, real-time desktop monitoring and control, file-shadowing, geolocation, and worse. Only buy computing devices from reputable sources, and randomly pick a store and time to purchase the hardware so enemy agents cannot subtly manipulate you into buying a specific compromised device. Once purchased, ensure no one else ever has physical access to the hardware.
  2. Disconnect from Networks: Never allow the device to physically connect to a network (either LAN or Internet). Ensure the device remains air-gapped and completely offline before, during, and after the use of OTPs. Disable or destroy any wireless connectivity options, including Wi-Fi, Bluetooth, NFC, and radio. This is because most modern computer processors have Management Engines (ME), which are small, low-powered sub-processors integrated into the chipsets. Management engines operate independently of the main CPU and can perform various tasks, including root-access remote surveillance and control, software installation, and more. If allowed to connect to a network, the ME may try to "phone home" to third-party servers and grant others access to your computer without any warning or notice.
  3. Password Protect: Always set a BIOS admin password and a BIOS user password, and disable Management Engine remote access and ME keys at the BIOS/UEFI level.
  4. Avoid Wireless: Never use a wireless mouse, keyboard, or other input or output device, as the radio signals can be intercepted by nearby enemy agents.
  5. Live-Boot Environment: Use a live-boot CD of a Linux distribution that has been reviewed for security and privacy merits by reputable sources. Download it from an official repository, then verify its integrity through a checksum that has been downloaded via an out-of-band channel.
  6. Avoid Physical Keyboards: Do not use physical keyboards, as the sound of keystrokes can be captured and interpreted using AI, or they can have built-in keyloggers. Instead, consider using virtual keyboards provided by the operating system.
  7. Search for Keyloggers: Before use, thoroughly search the computing device for keyloggers attached to any input devices (e.g. keyboard, mouse) or output device (e.g. monitor). Keyloggers can also be in the form of malicious software.

Software Security

  1. Only Trust Open-Source: Only use trusted open-source Linux builds in live-boot CDs. Avoid installing unnecessary software on the system.
  2. Data Transmission: If data must be transmitted, use base64 encoding or QR codes of base64 to transfer files over an air-gap.
  3. Memory Security: Ensure that any seeds, plaintext, one-time pads, etc., never touch unencrypted non-volatile memory, otherwise enemy agents can use digital forensics to recover the sensitive information.
  4. Power Control: Connect all devices to a single power switch that can be turned off with the press of a button, allowing for quick shutdown in case of an emergency during one-time pad operation.

By adhering to these operational security and cybersecurity methods, you can significantly enhance the security of secret messages handled on computers. Always remain vigilant and continuously assess your environment and practices to mitigate potential risks.

Yes, this app (Padlock) is released under the MIT License:

Copyright (c) 2025 Kyle Mecklem

Permission is hereby granted, free of charge, to any person obtaining a
copy of this software and associated documentation files (the "Software"),
to deal in the Software without restriction, including without limitation
the rights to use, copy, modify, merge, publish, distribute, sublicense,
and/or sell copies of the Software, and to permit persons to whom the
Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included
in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR 
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.