Files itself password protected

Discussion in 'Application Software' started by Capum130, Nov 3, 2011.

  1. Capum130

    Capum130 MDL Member

    Jan 25, 2011
    227
    4
    10
    Sup, How do I manage to password protect some files itself (paper work ms office files; no porn, I not even had time to d/l. :cool:, some notepad's and jpeg's.)
     
  2. Stannieman

    Stannieman MDL Guru

    Sep 4, 2009
    2,232
    1,803
    90
    Have a look at axcrypt. It's a program that integrates into windows' shell (right click context menu). You can encrypt/decrypt files with it and create autodecrypting files. When you open an encrypted file it'll ask you for a password, you can then edit the file and when you save it the encrypted copy is automatically updated. You can also let it create a key file if you don't like passwords. And last but not least, when you enrypt a file it automatically shreds (= delete + overwrite) the original file so it can not be recovered.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Capum130

    Capum130 MDL Member

    Jan 25, 2011
    227
    4
    10
    awesome software! thanks! couple questions though: >>Create a key file if you don't like passwords —> what is it? like a master password ?
    >>it Automatically Shreds (= delete + overwrite) the original file so it can not be recovered —> by means of using a data recovery software ?
    appreciate your attention
     
  4. Stannieman

    Stannieman MDL Guru

    Sep 4, 2009
    2,232
    1,803
    90
    #4 Stannieman, Nov 3, 2011
    Last edited: Nov 3, 2011
    About the shredding, it indeed means it can't be recovered with recovery tools. I don't think however it's 100% save as it seems to do only 1 overwrite instead of multiple passes. Special tools and labs can probably still recover it.
    A key file is a file with random data, it's the same as if you could let it generate a random password. But because you don't have to remember the key itself it can generate an extremely long key.
    As always with good encryption: the longer the key, the safer your data is.

    AxCrypt uses AES (rijndeal algorithm) for it's encryption, you may want to know that too.

    EDIT:
    I made a keyfile to see what it does, and actually I'm a bit disappointed.
    It only generates 11 groups of 4 ascii characters.
    1) When you don't have to remember the key I'd expect it to generate random binary data. For example ascii characters as backspace, null, etc etc aren't used now, that without any reason.
    2) Why is the key not longer? Instead of only 11 x 4 characters it could use hundreds of characters. That might increase encryption/decryption times yes, but then they could let you choose between degrees of safety, with safer (longer key) being slower.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Capum130

    Capum130 MDL Member

    Jan 25, 2011
    227
    4
    10
    Which tools could be able to recover the axcrypt shredded files ?
    About key-file: I made one key-file from a ABC.txt containing few things. I didn't store it in a removable media, it is in the directory above the ABC.txt file. Now what? How do I use the key-file?
    Appreciate your instructions.
    Ivan
     
  6. Stannieman

    Stannieman MDL Guru

    Sep 4, 2009
    2,232
    1,803
    90
    When encrypting, point it to the keyfile instead of entering a pw.
    And I don't think programs can recover shredded files, but laboratories can when analyzing the magnetic fields on the platters.
    A little story about that:
    I bit on a harddisk can not only be full 1 or full 0, but also something in between.
    Take a look at the following scheme.
    248697.png

    When a 1 is written in the disk it's anywhere in the green part, when 0 is written it's anywhere in the red part.
    When the disk is read, any bit with a magnetic field strength in the red zone is taken 0, anything in green is 1.

    Now when a laboratory analizes a disk that has been overwritten once, they can derive the previous data from it.
    If a bit is full 1 (zone 4) that means that it was already a 1 before it was overwritten. If it is in zone 3, that means that it was a 0 before, cause if it was a 1 before and then be overwritten with a 1 again it would have been in zone 4.
    If it's 0 and in zone 2 then it must have been a 1 before. If it's 0 but and in zone 1, then it must have already been a 0 before, cause if it was a 1 before and then overwritten by 0 it would have been in zone 2.

    If you take out the platters and analyze them you can find the previous data this way. Software however can not, as the firmware of the hdd doesn't give a s**t about the zones, it just returns 1 of the read/write head reads something in green and 0 if the head reads something in red. And software can only communicate with the disk by it's firmware, it can not directly measure the magnetic strength read by the heads.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Capum130

    Capum130 MDL Member

    Jan 25, 2011
    227
    4
    10
    the encryption level of the password entering method in AxCrypt is more likely to be hacked or the real chances tend null ? (considering a risky environment)
    *acrsn, many thanks for informing.
     
  8. Stannieman

    Stannieman MDL Guru

    Sep 4, 2009
    2,232
    1,803
    90
    The rule is that a longer key is more secure than a shorter key when applying the same algorithm, regardless it being in a keyfile or a passphrase.
    So AES with a 128bit key is less secure than AES with a 256bit key.
    The only risk with passphrases is that if it are real words instead of some random shizle, someone might be able to guess it. But that's a human factor and has nothing to do with the safety of the encryption itself.

    I think by the way that axcrypt only uses 128 bit keys, so I think it actually takes a hash of your password and uses that as key.
    But don't worry, except when you think the government really needs your data and uses a supercomputer to brute force the key, you're all safe ;)

    And truecrypt is indeed a very good program, but it can't be used to encrypt an individual file.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. Capum130

    Capum130 MDL Member

    Jan 25, 2011
    227
    4
    10
    So a 22 random characters password gets the maximum security possible for AES 128 bit ?
    something invented like 'matacebu' or 'MAtacebU' or even 'KzfEcaStaNhA' (where castanha is a word) are considered random? don't worry, my password isn't that cute.
    What if I view or edit a txt.axx (AxCrypt extension) in MS Office which creates temporary copies of the content, would they be accessible? In this case, using other app than Notepad, I should do what AxCrypt/security.html#Local_PC_Security recommends?:
    1 EFS applied on C:\Users\Username\AppData\Local\Temp
    2 secpol.msc — Clear Virtual Memory Pagefile : Enabled
    Is that it ?
     
  10. Stannieman

    Stannieman MDL Guru

    Sep 4, 2009
    2,232
    1,803
    90
    I don't know how it works whan opening an ecnrypted file in word. I guess it decryts the file to a temp dir, and when word saves it and closes it encrypts the new file and shreds.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. Archetype

    Archetype MDL Novice

    Feb 13, 2011
    31
    2
    0
    All these programs encrypt the files , even from Linux ? If i encrypt a file and been stolen from someone who has Linux , can read it ? :confused:
     
  12. Stannieman

    Stannieman MDL Guru

    Sep 4, 2009
    2,232
    1,803
    90
    If you encrypt a file from windows, it can't be read from linux either, you need to decrypt it first.
    Is that what you mean?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. Archetype

    Archetype MDL Novice

    Feb 13, 2011
    31
    2
    0
    Yes . Exactly. But i didn't explain correctly . If this file is in a usb (or removable drive) ? at past i was did something like this with a program called "protected folder" i think. When i put the usb on a Linux system , file or folder i had encrypted , it was there. I could read it or write it or remove it.
     
  14. Stannieman

    Stannieman MDL Guru

    Sep 4, 2009
    2,232
    1,803
    90
    I have no idea how that worked, but if it was readable under linux it didn't encrypt the data itself, that's for sure.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. Archetype

    Archetype MDL Novice

    Feb 13, 2011
    31
    2
    0
    #16 Archetype, Nov 26, 2011
    Last edited: Nov 26, 2011
    Yes that's for sure. You have right .
    The work that i want, did the BitLocker.Was Encrypted the files and added a password on usb flash drive. Linux ofcourse passed the password but files was still encrypted. I couldn't see anything but bitlocker files.
     
  16. Sameer Ahmed Khan

    Sameer Ahmed Khan MDL Novice

    Dec 5, 2011
    26
    0
    0
    Thanks for the info, it would really help me in future!