One-Time Pad Encryption

The only encryption that's truly unbreakable

Perfect secrecy proven by mathematics. Not vulnerable to quantum computers. Not now. Not ever.

ASH uses the One-Time Pad cipher — the only encryption method with mathematically proven security. Unlike modern cryptography that relies on computational hardness, OTP provides information-theoretic security that no amount of computing power can break.

Download for iOS View on GitHub

Screenshot placeholder

Messages

Screenshot placeholder

Conversations

How It Works

Four steps to perfect secrecy

ASH takes a fundamentally different approach to secure messaging. Instead of relying on complex mathematical problems that might one day be solved, ASH uses a simple but provably unbreakable method.

Meet in Person

Meet your contact face-to-face. This is the foundation of trust — no servers, no third parties, just two people who can verify each other's identity directly.

Exchange Keys

Scan QR codes to share a unique encryption pad. This happens completely offline — the key material never touches the internet, making interception impossible.

Message Securely

Each message consumes unique bytes from your shared pad. Once used, those bytes are permanently destroyed — providing perfect forward secrecy for every message.

Burn When Done

When your conversation is complete, burn the remaining key material. All evidence of the conversation is permanently destroyed — messages become mathematically unrecoverable.

Interactive Demo

See the ASH protocol in action

Watch how ASH uses a shared One-Time Pad for secure bidirectional communication. Alice and Bob each consume key bytes from opposite ends — ensuring their messages never collide.

Shared One-Time Pad

64 bytes shown (actual pads are 32KB–1MB)

Alice (from start)

Available

Bob (from end)

Alice (Initiator)

Encrypts from pad start →

Send a message

Bob (Responder)

← Encrypts from pad end

Send a message

Alice used

Bytes remaining

Bob used

How bidirectional encryption works

Shared secret. During an in-person ceremony, Alice and Bob exchange an identical One-Time Pad via QR codes. This pad is their shared secret — never transmitted over any network.

Opposite consumption. Alice encrypts using bytes from the start of the pad. Bob encrypts using bytes from the end. This ensures they never use the same bytes — critical for OTP security.

One-time use. Each byte is used exactly once, then destroyed. Even if the pad is later compromised, already-sent messages cannot be decrypted — perfect forward secrecy.

The App

Simple, focused, secure

ASH is designed with one purpose: private conversations that stay private. Every feature serves security, every screen is intentional. No bloat, no distractions — just bulletproof communication.

Screenshot placeholder

Conversation List

Your secure conversations at a glance. See remaining pad capacity, last activity, and quickly access any conversation. Color-coded for easy identification.

Screenshot placeholder

QR Ceremony

Exchange encryption keys face-to-face via QR codes. The ceremony is completely offline — your shared secret never touches the internet. Verify with a 6-word mnemonic.

Screenshot placeholder

Secure Chat

Messages encrypted with your One-Time Pad. Each message consumes unique key bytes that are destroyed after use. See your remaining capacity and message status.

Screenshot placeholder

Entropy Collection

Generate truly random keys by drawing on screen. Your gestures combine with system randomness to create unpredictable encryption keys. Watch entropy accumulate visually.

Screenshot placeholder

Mnemonic Verification

Verify your key exchange with a human-readable 6-word checksum. Both parties see the same words — speak them aloud to confirm your shared secret matches perfectly.

Screenshot placeholder

Burn Everything

Permanently destroy your conversation with one tap. All key material is wiped, making past messages mathematically unrecoverable. Both parties are notified instantly.

Security

What makes ASH different

Most "secure" messaging apps rely on computational security — problems that are hard but not impossible to solve. ASH is fundamentally different. Here's what that means for you.

Perfect Secrecy

Ciphertext reveals zero information about your message. This isn't a claim — it's a mathematical proof by Claude Shannon in 1949. The gold standard of cryptography.

Forward Secrecy

Key bytes are destroyed after each message. Even if someone compromises your device tomorrow, they cannot decrypt messages you sent today. Every message is protected independently.

Quantum Immune

Quantum computers will break RSA, ECC, and most modern encryption. OTP is immune because it doesn't rely on mathematical hardness — it's information-theoretic security.

Zero Trust Backend

Our servers never see your keys or plaintext. They relay encrypted blobs and nothing more. Even if we're compromised, hacked, or compelled — we have nothing to give.

No Backdoors

No key recovery. No escrow. No master keys. No "lawful access" capabilities. The math doesn't allow it, and we wouldn't build it if it did. Only you can decrypt your messages.

Open Source

The core cryptographic library is public on GitHub. Zero external dependencies. Every line of security-critical code is auditable. Trust, but verify.

Comparison

Why not Signal or WhatsApp?

Signal and WhatsApp are excellent apps with strong security for everyday use. But they rely on computational assumptions that may not hold forever. ASH is for when "probably secure" isn't enough.

Signal / WhatsApp

ASH

Security basis

Computational hardness

Mathematical proof

Quantum resistant

Vulnerable to Shor's algorithm

Completely immune

Key exchange

Remote via servers

In-person via QR codes

Server trust

Servers see metadata

Servers see only noise

Future security

Depends on unsolved problems

Guaranteed by information theory

This isn't about Signal being bad — it's excellent. ASH serves a different threat model for people who need absolute guarantees.

Who It's For

When "probably secure" isn't enough

ASH isn't for everyone. It requires meeting in person and has limited message capacity. But for certain situations, these trade-offs are more than worth it.

Journalists

Protect sources who risk their careers, freedom, or lives to share information. When source protection is paramount, mathematical certainty matters.

Whistleblowers

Communicate with trusted parties while minimizing digital footprints. When exposing wrongdoing, you need encryption that can't be broken even years later.

Human Rights Workers

Coordinate safely in environments where surveillance is pervasive and life-threatening. When the stakes are highest, settle for nothing less than proven security.

High-Stakes Business

Negotiate deals, discuss strategy, or share sensitive information when the cost of compromise is catastrophic. Perfect secrecy for perfect discretion.

Trade-offs

Honest about constraints

Perfect security requires real limitations. We believe in being upfront about them. These aren't bugs — they're features that make the security guarantees possible.

Physical meeting required

Key exchange happens offline via QR codes. This prevents any network-based attack on key distribution — the foundation of OTP security.

Finite message capacity

OTP requires one key byte per message byte. Choose pad sizes from 32KB (~25 messages) to 1MB (~800 messages) during the ceremony.

Two people only

Group encryption would require sharing keys with multiple parties, exponentially increasing attack surface. ASH is strictly one-to-one.

Text and location only

Photos and videos would exhaust your pad quickly. ASH focuses on what matters most: secure text communication and emergency location sharing.

Ready for perfect secrecy?

Download ASH and establish your first mathematically unbreakable conversation.

Download for iOS Read the Whitepaper