Vernam Cipher (One-Time Pad)
XOR every byte of the plaintext with a uniquely-generated random key byte. With a truly random key that is never reused, the ciphertext reveals nothing — provably, mathematically, forever.
Move your mouse or type to collect entropy…
Generated key
One cryptographically random byte per plaintext byte — the browser's
CSPRNG (crypto.getRandomValues) mixed with your collected
mouse and keyboard entropy via SHA-256.
Byte-by-byte XOR
Each column: the plaintext byte (character + hex), the random key byte, and their XOR — the ciphertext byte. Non-ASCII characters show their raw hex values.
Decrypt
Paste the hex key and hex ciphertext from any Vernam encryption. The key and ciphertext are pre-filled automatically after you encrypt.
How it works
Gilbert Vernam patented the one-time pad in 1919. The rule is simple:
for plaintext byte p and key byte k, the
ciphertext byte is c = p ⊕ k. Because XOR is its own
inverse, decryption is identical: p = c ⊕ k.
Shannon proved in 1949 that this scheme achieves perfect secrecy — the ciphertext carries zero information about the plaintext — provided three conditions hold:
- The key must be truly random (not pseudo-random).
- The key must be at least as long as the message.
- The key must be used only once and then destroyed.
If any condition is violated the cipher breaks. Reusing a key lets an
attacker XOR two ciphertexts together and cancel the key:
c₁ ⊕ c₂ = p₁ ⊕ p₂ — the key vanishes and only the
XOR of two plaintexts remains, which is trivially cribbed.
The key generated here uses crypto.getRandomValues
(a browser CSPRNG fed by OS entropy) further mixed with your mouse
and keyboard events via SHA-256. The result is indistinguishable from
random to any computationally-bounded adversary.