πŸŒ‹ Chaos Encryptor

Browser-first file encryption powered by video-based entropy

πŸŒ‹
Video Entropy Chaotic Motion β†’ Randomness
πŸ”¬ CSIDH-512 Isogeny Layer EXPERIMENTAL
πŸ›‘οΈ ML-KEM-768 Quantum-Safe
πŸ” AES-256-GCM Core Encryption
πŸ“„ Your File
AES-256-GCM
ML-KEM-768
CSIDH-512
πŸ” Generate Keys (Kyber / CSIDH) πŸ”“ Decrypt Files

πŸ“‹ How It Works

Four security levels available: Basic (AES only), Quantum-Safe (AES + Kyber key wrapping), πŸŒ‹ Maximum Security (Quantum-Safe + 100% video entropy), or πŸ”¬ Experimental Ultra-Maximum (CSIDH + Kyber + 100% video entropy)

πŸ” Understanding the Three Security Levels (click to expand)

Several major organizationsβ€”most famously Cloudflareβ€”use lava lamps as a real-world source of randomness to generate cryptographic entropy. In Cloudflare's San Francisco headquarters, a wall of hundreds of lava lamps is continuously filmed, and the constantly changing, unpredictable motion of the wax inside each lamp is converted into digital data. This randomness, derived from physical chaos, helps seed encryption keys used to secure internet traffic for millions of users.

The key reason this method is so valuable is that true randomness cannot be simulated by a computer alone. Software-based "random number generators" are actually pseudo-randomβ€”they rely on mathematical algorithms that, given the same input, will always produce the same output. Lava lamps, on the other hand, embody natural entropy: fluid dynamics, heat, light, and chaos that are impossible to precisely replicate or predict. By anchoring digital security in real-world unpredictability, systems like these protect cryptography from deterministic weaknesses and ensure genuinely secure encryption.

πŸ” Level 1: Basic (AES-256 Only)

Your file is encrypted with military-grade AES-256-GCM. You receive an encryption key that you must keep safe.

⚠️ Consideration: AES-256 itself remains strong even against quantum computers, but the bare encryption key is stored/transmitted without quantum-resistant protection. If you need to protect the key itself with post-quantum cryptography, use Level 2 or 3.

πŸ›‘οΈ Level 2: Quantum-Safe (AES + Kyber Key Wrapping)

Your file is still encrypted with AES-256-GCM, but here's the critical difference: the AES encryption key is wrapped (protected) inside a quantum-resistant ML-KEM-768 (Kyber) envelope.

πŸ’‘ How is this quantum-safe if the file is still AES-encrypted?

The encrypted file itself uses AES-256 (which remains strong against quantum attacks). The critical protection is that the AES key is never stored directly. Instead:

  1. The AES key is encapsulated using your ML-KEM public key
  2. The wrapped key is saved in a .mlkem.json file
  3. To decrypt, you need your Kyber private key to unwrap the AES key
  4. ML-KEM (Kyber) is designed to resist quantum computer attacks

Result: The AES key is protected by a quantum-resistant wrapper. Without your Kyber private key, no one (including quantum computers) can extract the AES key from the .mlkem.json file.

πŸ“¦ What you keep: Encrypted file + .mlkem.json file + Your Kyber private key (or the displayed AES key as backup)

πŸŒ‹ Level 3: Maximum Security (Quantum-Safe + Video Entropy)

This is Level 2 (Quantum-Safe) with an additional layer of paranoia: all randomness comes from your video source instead of browser/system random number generators.

When you enable "πŸŒ‹ Maximum Security" mode, the system collects approximately 24 frames total:

  • 12 frames for AES key derivation (entropy seed)
  • 12 frames for Kyber encapsulation randomness

πŸ”₯ Why use video entropy for Kyber?

Browser random number generators (crypto.getRandomValues) are generally secure, but some security-critical applications worry about potential backdoors or weaknesses in hardware/software RNGs. By using physical chaos (lava lamps, flowing water, etc.) for all randomness, you ensure complete independence from potentially compromised system generators. This is the highest level of paranoia for maximum-security scenarios.

πŸŽ₯ Trade-off: Takes ~2-3 seconds longer to collect extra entropy, but provides 100% physical randomness for both encryption layers.

πŸ”¬ Level 4: Experimental Ultra-Maximum Security (CSIDH + Kyber + Video Entropy)

⚠️ EXPERIMENTAL: Pioneering Multi-Layer Post-Quantum Protection

This experimental level adds CSIDH-512 (Commutative Supersingular Isogeny Diffie-Hellman) as an additional quantum-resistant layer on top of ML-KEM-768 (Kyber). This creates unprecedented defense-in-depth:

  1. AES-256-GCM encrypts your file (quantum-resistant symmetric encryption)
  2. ML-KEM-768 (Kyber) wraps the AES key (lattice-based post-quantum)
  3. CSIDH-512 wraps the Kyber-wrapped key (isogeny-based post-quantum)
  4. 100% video entropy for all randomness (~36 frames total)

πŸ›‘οΈ Why Layer CSIDH with Kyber?

Algorithmic diversity: An attacker would need to break BOTH lattice-based (Kyber) AND isogeny-based (CSIDH) cryptography to access your key. Even if one algorithm falls to future attacks, the other still protects you. This follows the same principle as Monero's upcoming Jamtis addressing scheme.

CSIDH characteristics:

  • Based on isogenies between elliptic curves (different math than lattices)
  • Tiny keys: only 64 bytes (vs 1KB+ for Kyber)
  • Non-interactive key exchange (NIKE) like classical Diffie-Hellman
  • ~1000Γ— slower than classical crypto (intentional security feature)

When you enable "πŸ”¬ Experimental Ultra-Maximum Security" mode, the system collects approximately 36 frames total:

  • 12 frames for AES key derivation
  • 12 frames for Kyber encapsulation
  • 12 frames for CSIDH encapsulation

πŸ“¦ What you keep: Encrypted file + .mlkem.json + .csidh.json + Your Kyber AND CSIDH private keys

⏱️ Performance: CSIDH operations take ~800ms extra due to the computational intensity of isogeny calculations

  1. 1 Before you start: Set up your entropy source (lava lamps, flowing water, traffic, trees in wind, etc.). If using quantum protection: generate your keys (select ML-KEM-768 for Kyber or CSIDH-512 for CSIDH) first β€” you'll paste the public keys during encryption and save the private keys securely for later decryption
  2. 2 Enable your camera and point it at your chaos source. The system captures visual entropyTrue randomness from unpredictable physical chaos - continuously changing patterns create unguessable cryptographic material from the continuous motion
  3. 3 Choose your file to encrypt. Optionally add a passphrase to modify key derivation. For quantum protection: paste your ML-KEM-768Kyber public key for lattice-based post-quantum protection public key. For ultra-maximum security: also paste your CSIDH-512Isogeny-based public key for algorithmic diversity public key (requires Kyber to be enabled)
  4. 4 Click Encrypt. The system extracts entropy using BLAKE3Fast cryptographic hash function (falls back to SHA-256 if unavailable), derives your encryption key via HKDFGenerates strong keys from raw entropy, and encrypts with AES-256-GCMMilitary-grade authenticated encryption. If Kyber is enabled, the AES key is wrapped in a quantum-resistant envelope. If CSIDH is also enabled, an additional isogeny-based layer wraps the Kyber envelope. Camera stops automatically when done.
  5. 5 Download your encrypted file (.enc) and copy the encryption key (hidden by default - click the eye icon πŸ‘οΈ to view, or copy directly). With Kyber: also download the .mlkem.json file. With CSIDH: also download the .csidh.json file. Without these keys, your file cannot be decrypted!
πŸ“Ή
βœ“
Video Entropy Source

Point your camera at chaotic motion: lava lamps, flowing water, traffic, trees in wind, or anything unpredictable.

πŸ’‘ More motion = better entropy. Avoid static scenes. Camera stops automatically after collecting entropy.

1 2 3 4
1
Choose File
πŸ“
Click or drag file here

Add an extra layer of security by mixing your own passphrase into the encryption key The passphrase is combined with video entropy during key derivation, making the final AES key dependent on both sources .

Protect your encryption key with post-quantum cryptography ML-KEM-768 (Kyber) wraps the AES key in a quantum-resistant envelope designed to protect against future quantum computer attacks on the key .

Ready to encrypt! The meter below shows current motion quality.

1 / 6