SES brings back the uncrackable onetime pad, with a digital twist. It is well known that a random key of message-length is the only provably unbreakable cipher. SES uses cryptographic strength pseudo-random keys of message-length for its many encipherments, in addition to offering true one-time pad capability for the intrepid.
SES is built on ISAAC, Bob Jenkins' unbroken CSPRNG, a fast and simple stream cipher placed in the Public Domain in 1996. SES now gives you the ability to efficiently cipher text of arbitrary length or files of any size or type. Use it with confidence.
To achieve complete one-on-one privacy, SES traverses several levels en route to its output. The more words in your key-phrase, the more layers of encipherment SES applies. It is part Vigenere, part onetime pad, part cryptographic hash, not to mention the essential scrambler element, each component driven by ISAAC, with all key-derivation and stretching relying on Keccak in 512-bit configuration.
- Encrypt or decrypt messages of arbitrary length - no limit on size
- Encrypt and decrypt files of any type or size (up to 4GB)
- Top security built on Bob Jenkins' ISAAC CSPRNG and the new SHA-3 Keccak.
- True one-time pad capability via the -o switch (use Random.org or similar)
- Multi-levels of encryption, including a ciphertext-hash & OTP outer shell for avalanche/diffusion
- Unique nonce IV guarantees different ciphertext each time, even on the same message and key
- Iterative 1024-bit key derivation - hashing, salting, stretching - makes a cracker's job harder
- The number of words in your key-phrase determines the number of cipher passes
- After 7 years, SES has never been sucessfully attacked, so use it with trust and confidence
- No NSA backdoor: SES avoids NIST and all official standards
- Includes the command line program and an optional graphical GTK+ shell for calling it
- Interactive and command-switch modes
- Tiny footprint - with pipeable / redirectable output
- Completely cross-platform and open source
- Package includes Linux and Windows executables, along with the full source code.
- SES is easily called from any other language, script or GUI (PHP, bash, Perl, C, QT etc)
- Includes CISS - The C ISAAC Stream Cipher & Scrambler - a stripped down hot-rod SES
- Easy to construct a Web-based interface in PHP (example included)
- Already in use in production environments: SES just *works*; no issues or complaints.
- SES is programmed by an IT and Cryptography professional with more than 30 years' experience.
Well done. I've followed the evolution of this project with interest but until now haven't felt quite confident enough to commit to its regular use. SES definitely has potential. With the last release, I at last feel the program has come of age and is mature enough for me to begin using it for some more sensitive real-world encryption tasks. Here's hoping SES continues developing in the direction of greater key security, as I believe this is where its major weakness lay. GSES is definitely a big step in the direction of usability and safety. I applaud the concept behind the project and agree with much that the author says in the ReadMe concerning the untrustworthiness of NIST and its alleged NSA bedfellows. Disquieting. Viva crypto-independence!