Create one-time pads

You need truly random data for information-theoretically secure communications using one-time pads. This program provides a True Random Number Generator (TRNG).

Entropy is extracted from two images that you provide. For best results, use photographs from a standalone digital camera or digital SLR, captured in the camera's RAW image format, which best preserves the original data from when the shot was taken. Transfer them directly to your computer by USB cable or SD memory card, then convert them as-is (without post-processing) to a lossless image format, e.g. PNG or BMP. Avoid JPEG and other lossy compression formats where possible, as they may affect the output in predictable ways. Avoid using a mobile phone: phones generally have poor security and their contents can be secretly collected at any time due to the closed baseband processor.

Take photos of something that is generally random in nature. Photos taken in macro mode of sand at a beach, grass and gravel work best. Trees, bushes, rocks and ocean waves also work well. Avoid studio photography with plain backgrounds. The photos should be clear and in focus as much as possible.

The program will run randomness tests on the data after it has been run through the randomness extractor. Check that all of the tests pass; otherwise you may need to try different photos. Be sure to permanently delete the original photos from the camera and your computer after the one-time pads have been created from them. To be absolutely safe, run this program from a non-networked (air gapped) computer. On export, the one-time pads will be encrypted for transport and use.

This process should be run from a desktop or laptop PC as it is resource intensive and the page is not mobile optimised. The website has details about how the algorithm processes and extracts the random data from the photo.



Alternatively, you can import your own truly random data, which will be split into separate one-time pads for use with the program. This is at your own risk. Do not use data generated from a PRNG or even a CSPRNG as it will not be strong enough for one-time pads and will reduce the security to that of a stream cipher.



Other tools

This tool is useful if you do not have a standalone digital camera capable of RAW mode and wish to capture photographs using your webcam. After you have saved two photographs you can process them in the TRNG. If the webcam photograph capture does not provide enough random data you can always export and combine the extracted random data together from multiple sets of images into a larger file, then load the file as custom random data and create the one-time pads from it.



This tool is useful if you have processed multiple sets of images with the TRNG and you want to concatenate all the files of random data together and convert it into a single binary file for testing in an external tool. In the TRNG you should have exported the random data as text files containing only ASCII hexadecimal symbols. Then use this tool to combine the data from all the files and output a single binary file. This has been tested to only work in Firefox at the moment.



This tool is useful if you have processed multiple sets of images with the TRNG and you want to XOR all the files of random data together and convert it into a single binary file for testing in an external tool. In the TRNG you should have exported the random data as text files containing only ASCII hexadecimal symbols. Then use this tool to combine the data from all the files and output a single binary file.

Load one-time pads

This will load the one-time pads from the clipboard or text file into the local storage of this computer/device. Once the pads are loaded you can start chatting.
Load method:
Choose the one-time pad text file:
Open the one-time pad text file, select all text (Ctrl + A), copy (Ctrl + C), paste below (Ctrl + V) then click Load.
Enter decryption details:
Passphrase
Keyfile
PBKDF Keccak iterations
PBKDF Skein iterations

Test server connection

This will test the connection from the client to the server using the API. Using HTTPS is not necessary as all data to and from the server is end-to-end encrypted and authenticated. If however you want to use self-signed certificates, remember to load/accept the server's certificate as trusted into your browser's certificate store first or the connection will fail.

Backup/move pads to another device

This will let you save the current pads in this device or computer's local storage to another location.

Warning: the pads being backed up will not be encrypted (until a future version). Please save the pads in an encrypted TrueCrypt 7.1a container file instead or use destructible media e.g. CD/DVD.

Once saved from here you must clear this device's storage so that you don't have the same pads on two different devices. Doing that could allow duplicate use of a pad and allow for cryptanalysis.
Save to

Restore pads from backup

This will load the backed up one-time pads from the clipboard or text file into the local storage of this computer/device. Once the pads are loaded you can start chatting.
Method 1:  Load from text file:
Method 2:  Open text file, select all text (Ctrl + A), copy (Ctrl + C) and paste (Ctrl + V):

Emergency auto nuke

Warning:
This button will delete all the one-time pads from this device/computer's browser and all the messages from the server.

The next time the other user connects to the server it will automatically delete their one-time pads as well. They will not have a chance to read the most recent messages you sent if they have not read them already.

If your device/computer is about to be compromised and you need to clear all evidence of communications, use the button below.
Note:
If you cannot resolve the connection issue in time, you can still nuke your local database.

Image 1: Name, Size, Type
Image 2: Name, Size, Type
Repeating / stuck pixels (same RGB colour at the same location in both images): Total pixels
Image 1 least significant bits: Image pixels, Input entropy bits, Entropy tests
Image 2 least significant bits: Image pixels, Input entropy bits, Entropy tests
XORed least significant bits of both images: Entropy bits, Entropy tests
Totals after Von Neumann whitening: Extracted bits, Extracted tests
Final results: Estimated number of messages, Recommended to export and use for secure messaging

Random bits after Von Neumann extraction (coloured pixels)

Random bits after Von Neumann extraction (black and white pixels)

Random bits after Von Neumann extraction test results

Least significant bits from both images XORed together (coloured pixels)

Least significant bits from both images XORed together (black and white pixels)

Least significant bits from both images XORed together test results

Least significant bits second image (coloured pixels)

Least significant bits second image (black and white pixels)

Least significant bits second image test results

Least significant bits first image (coloured pixels)

Least significant bits first image (black and white pixels)

Least significant bits first image test results

Repeating/stuck pixels image (visually check for red pixels)

Repeating/stuck pixels index locations

Original second image

Original first image

Totals: Random bits, Messages, Tests

Random bits (coloured pixels)

Random bits (black and white pixels)

Overall test result for all groups of 20,000 bits: .
Group test results for to bits passed: .
Test Name | Test Pass Criteria | Test Result | Test Passed
The Monobit Test | The test is passed if 9725 < X < 10275. | |
The Poker Test | The test is passed if 2.16 < X < 46.17. | |
The Runs Test | The test is passed if the number of runs that occur (consecutive '0' or '1' bits for lengths 1 through 6+) is each within the specified interval: | |
  Run length 1 | 2315 - 2685 | ( zero runs + one runs) |
  Run length 2 | 1114 - 1386 | ( zero runs + one runs) |
  Run length 3 | 527 - 723 | ( zero runs + one runs) |
  Run length 4 | 240 - 384 | ( zero runs + one runs) |
  Run length 5 | 103 - 209 | ( zero runs + one runs) |
  Run length 6+ | 103 - 209 | ( zero runs + one runs) |
The Long Runs Test | The test is passed if there are no runs of length 26 or more (of either zeros or ones). | |
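The pass criteria listed above, implemented for one group of 20,000 bits. This is an added example, not code from this program; the names testGroup and RUN_LIMITS are introduced here, and because the page gives only the thresholds, the definitions of each statistic X are assumed to be the FIPS 140-2 ones that these thresholds match.

```javascript
// Added example, not the program's own code. Pass criteria are the ones
// listed on this page; the statistic definitions are assumed from FIPS 140-2.
const RUN_LIMITS = { 1: [2315, 2685], 2: [1114, 1386], 3: [527, 723],
                     4: [240, 384], 5: [103, 209], 6: [103, 209] }; // 6 = "6+"

// bits: array or Uint8Array holding exactly 20,000 values, each 0 or 1.
function testGroup(bits) {
  if (bits.length !== 20000) throw new RangeError('expected 20,000 bits');

  // Monobit: X is the number of ones.
  let ones = 0;
  for (const b of bits) ones += b;

  // Poker: 5,000 four-bit segments, X = (16 / 5000) * sum(f_i^2) - 5000.
  const freq = new Array(16).fill(0);
  for (let i = 0; i < 20000; i += 4) {
    freq[(bits[i] << 3) | (bits[i + 1] << 2) | (bits[i + 2] << 1) | bits[i + 3]]++;
  }
  const poker = (16 * freq.reduce((sum, f) => sum + f * f, 0)) / 5000 - 5000;

  // Runs: count maximal runs of zeros and of ones; lengths 6 and up share a bucket.
  const runs = [{}, {}]; // runs[0] = zero runs, runs[1] = one runs
  let longest = 0;
  for (let i = 1, start = 0; i <= 20000; i++) {
    if (i === 20000 || bits[i] !== bits[start]) {
      const bucket = Math.min(i - start, 6);
      runs[bits[start]][bucket] = (runs[bits[start]][bucket] || 0) + 1;
      longest = Math.max(longest, i - start);
      start = i;
    }
  }
  // Each of the zero-run and one-run counts must fall inside the interval.
  const runsOk = Object.entries(RUN_LIMITS).every(([len, [lo, hi]]) =>
    runs.every((r) => (r[len] || 0) >= lo && (r[len] || 0) <= hi));

  const result = {
    monobit: { x: ones, passed: ones > 9725 && ones < 10275 },
    poker: { x: poker, passed: poker > 2.16 && poker < 46.17 },
    runs: { zero: runs[0], one: runs[1], passed: runsOk },
    longRuns: { longest, passed: longest < 26 },
  };
  result.passed = Object.values(result).every((t) => t.passed);
  return result;
}

// Constructed input: alternating bits pass monobit and long runs, fail the rest.
const alternating = Uint8Array.from({ length: 20000 }, (_, i) => i % 2);
console.log(testGroup(alternating));
```

Output from a CSPRNG will normally pass all four checks as well, so a pass screens out a bad capture rather than showing that the data is truly random.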
Set the parameters for the random data import
Export to
Fill out all the details to make importing easier for other users: Export the random data for testing in an external program:
Server details
Server address (and optional port)
Server group identifier (hexadecimal 64 bits)
Server group key (hexadecimal 512 bits)
Chat group details
Number of users in group
Custom user nicknames
Database encryption password
Passphrase
Passphrase (repeat)
Estimated strength: 0 bits
Advanced options for international travel

Video stream

Captured photograph

Select text files containing ASCII hexadecimal symbols to be concatenated together and converted into a single binary file.
File name: N/A Total hex symbols: 0 Size: 0
Select text files containing ASCII hexadecimal symbols to be XORed together and converted into a single binary file.
File name: N/A Total hex symbols: 0 Size: 0