High security asymmetric encryption for text, files and chat. You keep the Key secret and give out the matching Lock
ATTENTION CURRENT USERS:
version 2.4 is around the corner. There are multiple enhancements in this version, which require the format of encrypted items to change. This means that you won't be able to decrypt or unseal items encrypted or signed by the current version, and that Read-once conversations in course will need to be reset. We apologize for the inconvenience.
- Images can now be added to encrypted messages.
- Great speedup achieved by reducing writes to the page.
- Added a whitelist-based output filter to protect against malicious encrypted messages.
- Files encrypted in Signed mode can now be saved correctly.
TAKE PRIVACY INTO YOUR OWN HANDS
End-to-end secure encryption, plus steganography for email and real-time chat.
PassLok does not use servers that might compromise your information. Everything is done offline.
PassLok stores nothing secret, not even in your device.
This app is compatible with PassLok for Email (especially in Email mode), to be added shortly to the Chrome store. Use it if your email service is not yet supported by PassLok for Email.
With PassLok, you can:
- Write messages than only the intended recipient can read.
- Do this without having established a secret password.
- Lock files and images as easily as text.
- Establish a real-time peer-to-peer chat involving text, files, audio, and video
- Digitally sign text, images, and files so others can be sure they come from you.
- Convert your favorite email or texting app into a secure communication channel.
- Hide private information as apparently innocent text, or inside images.
- Use Decoy mode, so your true message is not what it appears to be.
- Create messages that can only be read once.
- Communicate across platforms.
- Send confidential mailings to several people at the same time.
- Use a borrowed device, in case yours is bugged.
- Be as paranoid as you like. We are really paranoid, and this is why we developed PassLok.
PassLok uses 255-bit standard elliptic curves, which have been vetted against weaknesses by experts. On top of that, PassLok uses 256-bit XSalsa20 encryption and 512-bit hash functions to complete the locking process. XSalsa20 is a high-performance, open source cipher, which has been scrutinized by experts for nearly a decade without any practical weaknesses being found.
The first time you run PassLok, it helps you to come up with a strong text-based secret Key, which can be whatever you want it to be. PassLok places no restrictions to make sure that you can always remember your Key without ever having to write it down.
From your secret Key, PassLok creates a Lock, which is like a phone number that you give to the people you wish to send messages to you. They will "put your Lock" on those messages, and only your Key, which you have given to no one, will be able to unlock them. Optionally, you can post your Lock on the PassLok general directory, adding a video so people know the Lock is genuine.
This is the Chrome app version of PassLok, essentially identical to the versions released for PCs and mobile platforms. In addition, there is a pure html version of PassLok at the following mirrors:
If you want to check them out, you should get the source by doing ctrl-u or cmd-opt-u, get its SHA256 with an external program or web page, and compare it with the value below. This is not necessary for app store versions like this one, which are code-signed by the app store.
Checksum for web sources (single html file) of version 2.3.5:
See the author reading this: https://www.youtube.com/watch?v=_zsCzbZc3uU