All you need to know to use PrismCipher like a pro:


What’s the issue here?

Our rights to enjoy free speech and privacy have been continuously attacked by government, the same manner of government our forefathers fought a civil war with. A little over 200 years later, we’re still fighting.

The issue is end-to-end encryption, or in the case of Apple, the lack thereof.

Why did you create PrismCipher for Chrome?

I created the PrismCipher cryptosystem in response to wholesale data collection by the NSA and the Five Eyes countries, and by companies offering “free” services where the account holder’s data itself is the price of admission.

Whether it’s from a global SaaS company or a nation-state actor, data collection is routinely performed 1) without a warrant, 2) with little judicial oversight, and 3) with no opportunity for redress.

In response, I wanted a solution for the problems of corporate espionage (Google reading my Gmails) and government internet surveillance (NSA PRISM program) while still being able to enjoy the use of popular mainstream services.

PrismCipher for Chrome is the initial implementation as a Chromium browser extension.

What kind of encryption does PrismCipher use?

The software employs symmetric-key (secret-key) encryption, the same model AES uses: a single passphrase, shared by sender and recipient, both encrypts and decrypts the message.

The pre-shared key (PSK) must be distributed to all parties before anything is encrypted, and it must travel over a secure channel. When sharing your PSK, do not send it through any of the supported services: they are inherently insecure for that purpose, since the whole point of PrismCipher is that those services can read everything you send through them. The exception is ProtonMail: mail between two ProtonMail accounts is end-to-end encrypted, so it may be used to convey your PSK.

Is this like using One-Time Secret to protect data?

As far as protecting data before transit, PrismCipher is similar to services such as self-destruct-o, One-Time Secret or read-once.

Self-destruct-o is like One-Time Secret on steroids, while read-once doesn’t even try to protect the message or password it uses.

PrismCipher does not store protected data on servers as self-destruct-o and One-Time Secret do, nor does it transmit passwords in the clear as read-once does. Services such as One-Time Secret are good for creating protected data shares and, once the data is protected, letting the user choose how to send the secret link to the intended recipient.

On the other hand, PrismCipher is useful for seamlessly transmitting data through existing services like Yahoo! Mail or Gmail. Once you encrypt, you can see exactly what you’re sending prior to transmission.

Where did the name PrismCipher come from?

With some malice, the name “PrismCipher” was created as a retort to the specific NSA surveillance program made known by Snowden.

In a perfect world, once citizens have determined their government is spying on them, necessary course corrections would be made via elected officials. By now, it’s naive to think that’s ever gonna happen. In June 2013, Snowden disclosed a program begun in 2007. From then to now, the only thing that has improved is our awareness of it. (And the only thing that has increased is our general ambivalence.)

Since the NSA can’t be prevented from using PRISM to analyze and archive our data, we might choose to use software like PrismCipher to render the NSA’s ill-gotten gains unintelligible.

What data does PrismCipher collect on me?


Unlike most services, the PrismCipher for Chrome browser extension does not monitor where you are, what you do or even how long it took you to do it. Neither Google Analytics nor any other tracking service is used to surveil you. No cookies, no hidden files, no local storage, no web databases and no BS.

And as a handy reference, your browser’s Do Not Track (DNT) setting is always displayed.

What browsers will PrismCipher work with?

PrismCipher should work flawlessly as an extension in any Blink-based Chromium browser, such as:
• Ungoogled Chromium

Porting this over to a non-Chromium browser environment such as Firefox or Safari does not appear to be trivial. It’s planned, but won’t happen soon.

What services does PrismCipher work with?

PrismCipher is compatible with this list of products and services.


Gmail already has confidential mode, so how is PrismCipher any better?

Gmail’s “confidential mode” is neither encrypted, protected, anonymous nor private. Calling it “confidential” is therefore little more than an intentionally misleading marketing strategy.

Consider the following when using confidential mode:
• messages are not end-to-end encrypted (Google holds the plaintext, so they are not secure against anyone with access to Google’s servers)
• messages are not private (because Google can always read them)
• expired messages aren’t permanently erased (a copy remains in the sender’s Sent folder)

How does any of this smack of confidentiality?

PrismCipher gives you data security and protection. It provides endpoint encryption for supported services: the point at which you write the message is the point at which PrismCipher encrypts it, before it’s sent. Protection doesn’t happen somewhere in the background on a server. Instead of transmitting plaintext, you send ciphertext to your recipient.

It doesn’t matter how long the data sits in your sent folder or in the destination inbox, and it doesn’t matter whether Google peeks at the contents or some government compels their disclosure. Since the message body is encrypted, and since only someone holding the passphrase can decrypt it, nobody else can get anything out of it. (The envelope the service needs in order to deliver the message, such as the sender and recipient addresses, is necessarily still visible to it.)

Isn’t Gmail’s SMS passcode protection a good idea?

Not really, because the whole thing is misleading from the start.

The sender gets to unilaterally decide if the recipient’s data is shared with Google. The recipient is neither asked for permission up front nor offered the opportunity after the fact to have their associated data removed from Google’s servers. Now, stop and read that again.

For example, when you send a passcode-protected email to a non-Google user, you’ve just allowed the company to link that phone number to that email address, as well as whatever sensitive information is in your message. There is no mechanism whereby the recipient may decline having their phone number associated with their email, neither is there a restriction permitting this feature to be used only for recipients already registered with Gmail.

This is a clever way for Google to gather information on people who’ve likely refused to use their service to avoid just such data collection—all under the ruse of 2FA. Offering “protection” like this at the expense of another’s privacy isn’t really about protection at all. This is an invasion of privacy for the sake of data mining.

PrismCipher can’t be used to abuse privacy. It doesn’t link any metadata in order to encrypt a message. It seamlessly uses what you already possess—a destination email address—and requires nothing further.

What are the consequences of using PrismCipher?

The use of encryption is growing and its benefits are obvious, but that doesn’t mean you’ll fly under the radar. There are consequences when you use encryption.

Is it legal to use PrismCipher?

I’m not at all certain that matters.

Is it ethical to use PrismCipher? Now, that’s a question.

Is it legal to crack PrismCipher?

Obviously I’m having some fun with this one.

Of course, it’s legal. If you’re able to retrieve the plaintext from any cipher text I give you, naturally I’d like to know about it.

I use this cryptosystem myself, but make no claims as to its fitness for any of your purposes. Use it or not. And if PrismCipher suits you, I’d be pleased to hear it.


Outlook already has encryption, so how is PrismCipher any better?

Unlike Gmail, Outlook really can encrypt your messages, using:
• digital IDs (certificates) for sender and recipients (S/MIME)
• Office 365 Message Encryption (OME), or
• email encryption add-ins

How do these options compare to using PrismCipher?

S/MIME. This option works with any email account that you have added to Outlook. It requires your recipients to also use Outlook (or an S/MIME-compatible email application), and all recipients must install and share encryption certificates. This option won’t work if you need to send encrypted email to free webmail users like Gmail or Yahoo. This is probably the most technical option.

OME. This option does not require installing certificates. It lets you send encrypted messages to any email recipient, but it’s only available if you use an Office 365 email account (Outlook). Also, you need the Outlook application installed as part of the Office 365 subscription (this encryption option is not available in Outlook 2013, Outlook 2016, or Microsoft Office one time license purchases). This is likely the most expensive option.

Add-ins. The right encryption add-in, such as PrismCipher, lets you send encrypted email to any recipient, including free webmail users, using any email account from a supported service. This option is the easiest to employ—it’s the least technical—and is also free. “Software” installation isn’t even necessary; all you have to do is install a simple browser extension.

Why are encrypted messages larger in Outlook?

Compared to ProtonMail, Gmail or Yahoo! Mail, the same message encrypted via Outlook on the web will contain more ciphertext.

This happens because Outlook’s message editor includes extra HTML formatting that the other editors do not, so there is simply more input to encrypt. This is a function of how Outlook works, not of PrismCipher; PrismCipher isn’t adding extra data to messages in Outlook.

It was not a design goal to ensure each mail handler encrypts the same message at the same length. The idea is to simply provide encrypted email through existing mail handlers.

Software Message Output

Please use a supported email or chat product

This error message indicates the page does not work with PrismCipher.

To use PrismCipher, you must first start with the web page of a supported product, such as Gmail or Outlook on the web.

The page is out of sync and must be reloaded

This status message means you are using a supported product, but the Chrome extension is not in sync with the web page itself. (This can happen when the web page is loaded before the extension.)

The easiest way to remedy this is to refresh the page by clicking the link that says “(Click here to fix it.)”

You could also manually refresh the web page by using the F5 key or clicking the browser’s Reload icon.

Please create some editable content

This status message tells you this is a supported product, but there isn’t any message content able to be encrypted or decrypted yet. (This can happen when you haven’t Composed a new message, or haven’t Forwarded an existing message, etc.)

When PrismCipher encrypts or decrypts, it actually overwrites the existing message, but it can’t do that unless the contents can be changed.

The easiest way to use PrismCipher is to Compose a new message and then encrypt it. You could also Forward an existing message and encrypt it before you hit send. Both of these options create editable content.

Optionally, you can Reply to a message, but you must “show trimmed content” by making the message visible in the edit window. If you can’t see the message, PrismCipher won’t be able to edit it.

No plaintext was found. Please type (or select) something

This error message indicates the product is supported, the page is in sync and the contents seem to be editable, but no data could be found to encrypt. (This can happen when you Reply to a message, but the contents are hidden.)

If you are replying to a message, you’ll want to “show trimmed content” for things to work. This means making sure the message contents are visible in the edit window, not hidden from view.

No ciphertext was found. Have you encrypted anything?

This error message indicates the product is supported, the page is in sync and the contents appear to be editable, but no encrypted data was found.

This can happen when you Reply to a message, but the contents are hidden. It can also occur when you try to decrypt a message that doesn’t have any encrypted data in it.

If you are replying to a message, ensure you “show trimmed content” to proceed. This means making sure the message contents are visible in the edit window, not hidden. You’ll also want to be certain the message has encrypted data in it before decrypting it.

Please enter a passphrase

This error message means you’ve forgotten to enter a passphrase (or password) when you chose to encrypt or decrypt the message.

Decryption error: no ciphertext detected

When you see this error it means PrismCipher tried to use the passphrase you supplied to decrypt the message, but no ciphertext could be detected. (This can happen when the message is all plaintext and contains no encrypted data.)

The contents are encrypted

This success message indicates the data is now encrypted and the entire message has been converted to ciphertext.

Now it’s safe to send your message through any supported service or product.

The selection is encrypted

This success message tells you PrismCipher has just encrypted the text you selected (not necessarily the entire message).

Note: HTML content can be quite complex. The internal markup can contain much more than just the text and images you may see. When PrismCipher cannot successfully encrypt just your selection, it will encrypt the entire message. It may also start with your selection and encrypt all the way to the end of the message. It does this to ensure the integrity of the encrypted contents and to ensure the message can be successfully decrypted.

The contents have been decrypted

This success message indicates the encrypted data is now decrypted and the entire message has been returned to its original state.

The selection has been decrypted

This success message means PrismCipher has decrypted the portion of the message you had just previously encrypted.


What are the limits on my password?

Unlike some encryption products that constrain password length or character set, passwords in PrismCipher are virtually unbounded.

This means your password can have as many as 4,000 characters, drawn from plain ASCII or from the full Unicode repertoire (well over 100,000 assigned characters, including non-Latin alphabets, other scripts and emoji).

How does PrismCipher work internally?

PrismCipher resembles a synchronous stream cipher in that the keystream depends only on the key, never on the plaintext or ciphertext. Unlike a stream cipher, though, it is designed to encrypt discrete messages, not a running stream or fixed-size blocks. Resistance to differential cryptanalysis is a design goal. Because the plaintext is diffused before encryption, a single corrupted character (from transmission damage or tampering) makes the entire message unrecoverable; there is no partial recovery.

It is polyalphabetic: a rotating substitution array is applied to the plaintext to expand its dynamic range, so the relationship between a character in the plaintext and the characters in the ciphertext is one‑to‑many.

Prior to encryption, the plaintext message is diffused, compressed and randomly padded. Internally, confusion is introduced to the ciphertext during the main encryption cycle.

PrismCipher supports very long, user-selectable keys (up to 4,000 characters in length). Encryption keys are hashed using algorithms that exhibit a very high avalanche effect.

Messages and keys support full UTF-8 encoding allowing the cryptosystem to process language scripts from Arabic to Katakana to Yi. Visible and invisible graphemes can be used.

No two ciphertexts will be identical, even if the same key is used to encrypt the same plaintext at the same time on the same machine: the random padding applied before encryption makes each ciphertext unique.

Does PrismCipher have a backdoor?

Of course not.

I wouldn’t use a cryptosystem that had special access built-in just for law enforcement, and I wouldn’t expect you to use garbage like that either. There will never be a backdoor here, no matter what governments decide.

Anyone who wants to decipher your messages without your encryption key will have to brute force their way through.