A one-time-pad is a method for encrypting a message using a cipher. First, all the characters in both the cipher and message are converted to numbers. Then each character is subtracted from it's matching character in the cipher text. The result is converted back into a character. Technically there is no way to crack the code as the same code could decrypt to any message given the right cipher. However the problem is, you need some way to communicate the key to the recipient in the first place hence why it's not widely used. More info.

I made this as a little project when a quick google led me to a similar web app that appeared to do the encryption on the server using PHP, so the unencrypted message is sent to the server before being encrypted and sent back. This app uses javascript so all the magic happens on your computer and nothing is sent over the internet. Plus you can inspect the source code to see how it works if your that way inclined, which isn't possible with PHP.


Enter your message in the first (plaintext) box, enter key text in the second box, your encrypted message will appear in the third. You can copy and paste sections of books, articles, news sites, reddit, anything with text in it for the key. It should be as long as the message but it will loop round as needed if it's not. Any changes you make to the plaintext or key boxes should cause the output to update automagically

You can press the 'Encrypt' heading at the top to change mode to decrypt. This reverses the order of the boxes and means that any changes to the Ciphertext or Key boxes will change the output in the Plaintext box. This is useful if you want to nest encryption e.g. If I drink, I die. If I eat, I'm fine. What am I?

PL\PíO_PUêoY\ÚVg_ÓaUWæ]YPJc@ïRc\VF`õƒ~ƒ‡”‹žš£„À¼·×”ʾÈÑ҂½ÞÐЅ¼ÑՐִÓÁå‚Ðʦ†˜•§’Žóîÿ)-#,2%CVapødOjae\óVSreæXi3ó9[a`ôZ``icXî`aeJï^y!ç;dømYpñ^Xgî[p _^j%WPW,øKR\eù`fî[p?æ,2B ôÿ’’“–¯¢£‰ÉÍÇݒÍÇܒƆÏáÔډÔÚډàԆÕ×ÌÙ¨’¢£¦Ÿ’“

Bugs / Issues

  • If you use normal language in your key it might be possible for a cracker to guess characters based on occurrance rates in the language (e.g) SPACE key is pretty common. Though technically you would still have deniability (since it's possible for an encrypted message to decrypt to anything given the right cipher), but the chances of it decrypting to a human readable message using a human readable cipher are probably pretty tiny! Will add options to remove spaces and 'randomize' the key to make this more difficult but you should use a random source for real security.