About CryptoPPP

An implementation of Steve Gibson's Perfect Paper Passwords (PPP) system.

Category 1Authentication
Modules dealing with logins, passwords, 2-factor authentication, etc.
Category 2Proof of Concept
Proof of concept modules are designed as examples or starting points for others to build from. May not be ideal for users wanting to plug-n-play.
Release StateBeta
Close to stable, but users are advised to be cautious and test thoroughly.*
Module Version3.1.1
Class NameCryptoPPP
Date AddedOctober 10, 2012
Last UpdatedJuly 9, 2018
Recommended ByNew recommendations may take up to 1 day to appear.


PPP is a one-time-pad cryptographic system that allows easy provision of 2-factor authentication for software applications at a very low-cost. Read more about PPP at http://www.grc.com/ppp/design.htm

Portions copyright Orson Jones, Bob Somers, Daniel Hodder

This module can also be used to generate keys and/or streams of tokens using a given output alphabet.


This module's files should be placed in /site/modules/CryptoPPP/
How to install or uninstall modules


CryptoPPP Library Module For Processwire

Implements Steve Gibson's PPP One-Time-Pad System along with some additional helpers.


Requires OpenSSL and bcmaths PHP extension to be installed.

Version 3.1.0 changed from the, now deprecated, mcrypt library over to using OpenSSL internally.

Generating A Single Key

Simply use $key = CryptoPPP::genKeys(); or $key = CryptoPPP::genKeys(1);

Generating Multiple Keys.

If you want 2 keys you would do $keys = CryptoPPP::genKeys(2); to get them in the $keys array or do list($k1, $k2) = CryptoPPP::genKeys(2); to assign them to named variables.

Now that you have at least one key, you can use it as the basis of generating tokens or token streams.

Converting A Key Into A Token (a strings of characters).

The simplest way to convert a key into a token of a given length and using a given output alphabet is to call the CryptoPPP::keyToToken static method. If no length or alphabet is defined a 12 character token using the default alphabet (!#%+23456789:=?@ABCDEFGHJKLMNPRSTUVWXYZabcdefghijkmnopqrstuvwxyz) will be created from the key.

To create tokens with a format such as 'X7gM-jA9v-KtWs' where the length of the 'blocks' and the 'glue' between them are customisable you can use the related helper method CryptoPPP::keyToTokenBlocks().

Generating A Token Sequence (a One-Time-Pad) From A Key + Sequence Number.

If your application can associate an incrementing sequence number with a key, then you can use the PPP system to generate a One-Time-Pad (a stream of tokens.) This is simply done by passing the key, the sequence position, output alphabet and token length to CryptoPPP::getCode(). Once your application finishes using that token from the token stream, simply increment the sequence number ready for the next usage.