Sunday, March 21, 2010

SHACrypt 1.2.2 released

SHACrypt 1.2.2 is now available for Windows and Linux. Go download the new version!

SHACrypt 1.2.2 fixes various bugs with the GUI (some of which could cause crashes), upgrades the command line help screen to fit in with GNU standards, and adds ShuffleCrypt (which is in the new version 3 of the format).

ShuffleCrypt takes SHACrypt's XOR encryption key generator and uses it to scramble the data (in up to 256-byte chunks). When a file is decrypted, the reverse is done. The ShuffleCrypt key is a randomly generated binary string, and is encrypted along with the contents of the file. Asymmetric encryption works exactly the same way as it did in previous versions.

Saturday, February 20, 2010

./configure and autoconf

After trying to install SHACrypt via Portage on a new Gentoo VM, I've noticed that the Makefile looks patched together, as if I had just taken examples off the internet and put them in a file. That's why the following changes will occur soon:
  • The Makefile will be handled by GNU automake and GNU autoconfig
  • SHACrypt CLI and SHACrypt GUI will be on two separate branches of the repository
  • The test suite will be split up into multiple bash scripts and testing will be done via automake
The end result is a much easier build system that works universally.

Saturday, November 14, 2009

SHACrypt GTK GUI Update 1


The SHACrypt GUI now has full encryption and decryption support. Asymmetric will come soon.

New features since last time:
  •  Everything is included in one executable. You no longer need shacrypt.glade if you don't plan on compiling, or if you don't know what compiling is.
  • Decryption
  • The passwords actually have to match when you encrypt a file.
  • Several advanced features are available in encrypt mode. Look at the advanced tab for more info.
  • Resources are freed from memory when they are no longer in use.
In this stage, the asymmetric user interface is almost ready, but the code isn't written yet, so you will get a few error messages in a command prompt-style window when you open this revision. Just ignore them. Closing the command prompt-style window will close SHACrypt as well. These errors will be gone as soon as the asymmetric encryption part is completed.
  • Windows users can download it immediately, although asymmetric encryption is not yet possible (it will be soon). For the best looks, install the GTK+ runtime (which is required) and the GTK+ theme selector, then choose your favorite theme, both of which can be found at http://gtk-win.sourceforge.net/home/index.php/Downloads#toc_0. The screenshot above was made with the Clearlooks theme.
  • hg clone -r gtk https://shacrypt.googlecode.com/hg/ shacrypt-gtk (If you don't know what that means, ignore this bullet)
  • Make me an icon (16x16, any normal image format, transparency suggested).
  • Make suggestions in the comments for this post.
UPDATE: Asymmetric Encryption has been programmed.

Sunday, November 8, 2009

SHACrypt Graphical User Interface


SHACrypt now has a GTK version in the making. This means that people who are incapable of using DOS can use SHACrypt (or at least will be able to soon).

Here's how you can help:
  • Download it and encrypt stuff (the advanced encryption, decryption, and asymmetric encryption parts aren't ready yet)
  • hg clone -r gtk https://shacrypt.googlecode.com/hg/ shacrypt-gtk (If you don't know what that means, ignore this bullet)
  • Make me an icon (16x16, any normal image format, transparency suggested).
  • Make suggestions in the comments for this post.

Saturday, November 7, 2009

SHACrypt 1.2 released

Go download the new version!

The command line interface is almost the same as the previous versions with one small difference:

It includes the ability to hash with multiple algorithms, making files more secure. You can activate this by typing letters a-h after the e for encrypt. For example, if I wanted to use algorithms a, b, and c, and my password was "blue", my command would be shacrypt eabc blue input.txt output.bin.

Although the new feature will make your SHACrypt files more secure, there are a few things to think about:
  • The new files cannot be read by the older versions. However, users will simply have to download a newer version of SHACrypt to decrypt them.
  • All the security features in the world combined can't do anything about weak passwords. Try to include capital and lowercase letters as well as numbers and keep your passwords at least 8 characters long. Also, don't use something like your first name as your password, as it's too easy to guess.

    Try to think of something random, then mess around with the word. For example, apple could turn into ApPl3, which can still be remembered easily, but is much more secure.

Most people should stop reading here.

1.2
  • Multiple hashing algorithms can be used at once:
  • The format has changed. Revision 2 is as follows:
Name
Command Line ID
File ID
SHA1
a
0x01
SHA224
b
0x02
SHA256
c
0x04
SHA384
d
0x08
SHA512
e
0x10
MD5
f
0x20
CubeHash
g
0x40
WHIRLPOOL
h
0x80
Offset
Length
Description
0
3
Literal hex bytes: A7 09 C3
3
1
Encryption format revision ID (02)
4
1
Null byte (00)
5
1
Length of random data (bytes) 00 stands for 1 byte, FF is 256 bytes.
6
1-256
Random data used as a salt
7-262
1
Bitwise field of algorithms used. See above for a list.
8-263
Any
Encrypted data

Friday, November 6, 2009

Decryption challenge

The File
I encrypted a BZ2-compressed version of the 1995 CIA World Factbook using SHACrypt 1.2. The password was a 63-character ASCII printable string from GRC's Ultra High Security Password Generator. The challenge is to decrypt it and find the password.

Prize
There is currently no prize other than fame.

How to participate
You're allowed to use any legal program to decrypt the file. You can download the encrypted file from the SHACrypt downloads page.
In order to win, you will need to send the password and the method you used to find it to the SHACrypt Google Group.
Good luck to everyone who tries!

Saturday, October 24, 2009

Initial ideas

  • It would be cool if multiple ciphers could be used. For example, encrypt using both SHA1 and SHA256, or SHA512 and WHIRLPOOL. While this technically wouldn't improve the security, as a weak password would still be just as weak, it would make brute forcing a lot harder. There would have to be some flag that would tell SHACrypt which algorithms to use (perhaps a 32 or 64 bit integer used bit-by-bit?)
  • I've toyed around with the idea of moving bytes around, but it's pretty much unfeasible with asymmetric encryption.