FAQ
Main Site
Home
FAQ
Help
Terms Of Use
|
Privacy Statement
Copyright 2009 by hiddentools.com
Main Site  |  HomeFAQ  |  Help
Frequently Asked Questions
Q. Who are the target users of the Infinite One-Time Pad (IO-TP)?
This software is not for everyone. It is intended only for law abiding individuals, businesses, and organizations who want to protect their text or communications. Though defensive in nature, it is not intended and should never be used to protect evil activities.

Q. Is the software difficult to use?
The program is user friendly and very simple to use. Quick Tutorial is available within the software to guide you through encryption and decryption process in just few easy steps. Online help is also available to let you learn the rich features of the program quickly.

Q. How can I trust that my encrypted e-mail or text is safe?
Your Key File, Secret Code, Key Modification, Password and information about them are not included on the ciphertext. Nobody knows about them except you and whom you like to know. Even the creator of this software cannot decipher your encrypted text.

Q. How can you ensure that IO-TP encryption is unbreakable?
InO-TP is a modern implementation of the unbreakable One-Time Pad. It compresses the plaintext then transforms it based on the Secret Code and the Password used. The key is also transformed using irreversible algorithms. The resulting ciphertext is 100% unbreakable. This can be proved logically and mathematically. IO-TP solves the impracticalities of the legendary One-Time Pad without sacrificing encryption strength. It provides multiple protections making it more secure than the true One-Time Pad and other software claiming "unbreakable encryption".

Q. The key is not obtained from a perfect random source; therefore, it is not secure.
That argument is only applicable to the true One-Time Pad where the key is directly used. Perfect random source is not necessary since the key is obtained from a secret key file and transformed to attain high entropy. The compressed text is also transformed. The encryption information is already lost on the output ciphertext and cannot be recovered. Attackers must defeat all protections used to succeed.

Q. Is there any backdoor on the program?
None, otherwise, we cannot call the encryption "unbreakable" and it's useless. We respect your right to privacy.

Q. What will I receive upon purchase?
You will receive the unregistered copy of the software and an activation key to enable encryption feature.

Q. If I want to send encrypted email to someone, does he need to purchase this software to decrypt my e-mail?
If what he need to do is to decrypt your e-mail then the answer is "no". You may send the unregistered copy of the software. The unregistered copy can be used to decrypt a ciphertext created using IO-TP. If he need to encrypt a text then he need to purchase a license as well.

Q. Why is IO-TP has lots of protection? Is a single password not enough?
Even if the cyphertext is unbreakable, it could be compromised when the password is obtained illegally by the adversary. There are many ways to get around a certain protection. To ensure security, multiple protections are provided. You may however omit optional protections if you prefer. It is not mandatory that you modify the key or supply a password. The secrecy of the key file alone is enough to protect your ciphertext as long as it's only you and your intended recipient have that file. For maximum protection, it is advisable that you utilize all protections available.

Q. Can I reuse a key file?
Yes as long as you use a different password each time. The password transforms the key extracted from the key file to produce a unique key.

Q. What is the maximum length for a password?
You can use a password of any length.

Q. How can I make sure that the ciphertext is authentic?
In order for an attacker to alter the document, he must successfully decrypt the cyphertext. It is almost impossible for an attacker to obtain all the protections necessary for decryption. Nonetheless, you may use the Authentication Function of IO-TP to ensure authenticity.

Before communicating in ciphertext, parties must agree what Secret Code to use and what origin data shall be included on the ciphertext. Origin data could be IP Address, Username, Document Hash Code, Encryption Date, and more. To illustrate, let's consider three scenarios.

  1. The adversary possesses the Secret Key File, Key Modification, and Password and has intercepted the ciphertext. - He cannot decrypt and tamper the message because he doesn't know the Secret Code. If he replaced the ciphertext, you won't be able to decrypt it because the Secret Code is not correct.
  2. The adversary has all the protections and has intercepted the ciphertext. - He can replace the message but if he fails to include the origin data as agreed, you will know that it is not authentic.
  3. The adversary has all the protections; he knows the origin data to include and has intercepted the ciphertext. - If IP address is one of the origin data that must be included, then his IP Address will be revealed and you will know that it is not authentic. The adversary cannot edit nor provide fake origin data. The software supplies the selected origin data automatically. If the data is supplied manually, the software can detect it and you will be notified.