Haiders WebSpace » Cryptography

TrueCrypt: A tool to encrypt volumes on-the-fly

Haider al-Khateeb — Tue, 15 Nov 2011 00:55:03 +0000

TrueCrypt

TrueCrypt is a powerful yet free Open-Source disk encryption Software. I am quite satisfied with the software that I decided to introduce it here in my blog, may all future releases remain free to use!

With TrueCrypt you can maintain an on-the-fly-encrypted volume (data storage device). On their website they explain ‘On-the-fly encryption’ as an automatic continuing encryption process to data right before it is saved and decrypted right after it is loaded. In simple words, you will end up having an encrypted volume to secure all your sensitive data inside. This volume can be mounted and accesses like any regular folder in your system each time you provide the right password and then dismounted to prevent access.

What I personally think makes this software special is the ease of using encrypted files right from the secured volume to the computer’s RAM. As such, if you have a video file, you will not wait until it is fully decrypted to play it, instead the stream will be decrypted right into the RAM while playing, the performance and speed is quite similar to playing any regular video file you have on your system. Brilliant, isn’t it?

Similarly, files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (drag-and-drop). Files are automatically being decrypted on the fly (in memory/RAM) while they are being read or copied from an encrypted TrueCrypt volume.

TrueCrypt ‘never saves any decrypted data to a disk – it only stores them temporarily in RAM (memory)’. In addition, it supports ‘hidden volumes’, which means that you may easily hide an encrypted volume inside an another encrypted volume without showing any evidence of its existence to other users of the system. This is a very important feature in case someone forces you to decrypt your sensitive data. (check TrueCrypt documentation for more information about hidden volumes).

To install and use in Linux, download the appropriate package from their website: www.truecrypt.org.

Since windows installation is wizard-based, I will leave that and cover the Linux installation procedure. First, download the Console-only version, in my case the file is called: truecrypt-7.1-linux-console-x86.tar.gz and was downloaded from the internet to: /home/haider/Downloads. Lets move it to the /usr/local/bin directory

mv /home/haider/Downloads/truecrypt-7.1-linux-console-x86.tar.gz /usr/local/bin

Then navigate to where it was moved and extract the file

cd /usr/local/bin
tar xfzv truecrypt-7.1-linux-console-x86.tar.gz

This should produce the bin file to be excuted: truecrypt-7.1-setup-console-x86. Good! lets now delete the archive file since we do not need it any more.

rm truecrypt-7.1-linux-console-x86.tar.gz

Now, change the file’s permissions to 755

chmod 755 truecrypt-7.1-setup-console-x86

Install using the following command and accept the terms of use (select option 1 to install)

./truecrypt-7.1-setup-console-x86

After a successful installation, you may display all the software’s arguments and options with

truecrypt -help

Further, lets create an encrypted volume. To do that use truecrypt -c.

truecrypt -c

Check out the following example from my Linux box:

Volume type:
 1) Normal
 2) Hidden
Select [1]: 1
 
Enter volume path: /root/my-crypt
 
Enter volume size (sizeK/size[M]/sizeG): 500m
 
Encryption algorithm:
 1) AES
 2) Serpent
 3) Twofish
 4) AES-Twofish
 5) AES-Twofish-Serpent
 6) Serpent-AES
 7) Serpent-Twofish-AES
 8) Twofish-Serpent
Select [1]: 1
 
Hash algorithm:
 1) RIPEMD-160
 2) SHA-512
 3) Whirlpool
Select [1]: 2
 
Filesystem:
 1) None
 2) FAT
 3) Linux Ext2
 4) Linux Ext3
 5) Linux Ext4
Select [2]: 5
 
Enter password: 
WARNING: Short passwords are easy to crack using brute force techniques!
 
We recommend choosing a password consisting of more than 20 characters. Are you sure you want to use a short password? (y=Yes/n=No) [No]: y
 
Re-enter password: 
 
Enter keyfile path [none]: 
 
Please type at least 320 randomly chosen characters and then press Enter:
Characters remaining: 259
Characters remaining: 190
 
 
Done: 100.000%  Speed:  7.0 MB/s  Left: 0 s          
 
The TrueCrypt volume has been successfully created.

From above, the volume’s path is: /root/my-crypt
Let mount it to a directory called encrypted-volume to start encrypting files.

mkdir /home/haider/encrypted-volume

Now lets mount them.

truecrypt /root/my-crypt /home/haider/encrypted-volume/

This will open a gate to the encrypted volume, as such we must provide the correct password:

Enter password for /root/my-crypt: 
Enter keyfile [none]: 
Protect hidden volume (if any)? (y=Yes/n=No) [No]: n

From this point, to encrypt files just move them to the encrypted-volume directory. Once finished, demount the two to protect your files:

truecrypt -d

In the future, if you require access to your encrypted files, or if you want to encrypt more files in that volume. Mount it again. That’s all!

Applet implementation to code Caesar’s substitution cipher

Haider al-Khateeb — Wed, 16 Mar 2011 01:04:05 +0000

In cryptography, Caesar cipher is one of the simplest encryption techniques. It is a substitution cipher in which each letter in the plaintext is replaced by a letter after a fixed number of positions down the alphabet. However, this applet shifts each character (letter, number of symbol) after a number of positions down the ASCII table. Caesar’s cipher is categorised as a symmetric encryption and the secret key in this case is the number of shifts!

To encrypt, select the encode mode, number of shifts and click Run.

You may encode a message multiple times.

To Decrypt, select the decode mode and reverse your steps.

Cannot run Applet!
You do not have Java 2 JDK, Standard Edition v 1.5.0_05 support for APPLET!!

IMPORTANT NOTICE: please note that I did not sign this applet so you may not be able to copy/paste text between the applet and your computer. To read more about this issue I posted another blog called: Creating an executable jar file for an applet.
If you like this piece of software, download the applet to your computer from here (executable jar file). Running the software on your system will solve the copy/paste problem. To successfully execute jar files on your system, you -of course- need to have the Java Runtime Environment (JRE) installed. If you still can not run the jar file, use the ‘Open with’ option and select javax.exe (javax.exe is located inside the bin directory of your JRE folder e.g. C:\Program Files\Java\jre6\bin).

Further, here is the source code I developed for this applet for you to check and compile if you are interested.

/*
 * CaesarCode.java
 *
 * By Haider al-Khateeb (http://blog.creativeitp.com)
 * Created on Mar 14, 2011.
 */
 
package CaesarCodePackage;
 
import javax.swing.JOptionPane;
 
public class CaesarCode extends javax.swing.JApplet {
 
    private String inputText;
	private char [] inputTextChr;
	private int [] inputTextInt;
	private char [] outputTextChr;
	private String intArray = "";
	private String cipher = "";
	private String plain = "";
 
	public static String newLine = System.getProperty("line.separator");
 
             public void inputText(String inputText)
	{
		this.inputText = inputText;
	}
 
	public String getinputText()
	{
		return inputText;
	}
 
	public void convertToChar()
        {
		inputTextChr = inputText.toCharArray();
	}
 
	public void convertCharToInt()
        {
		inputTextInt = new int[inputTextChr.length];
		for (int i=0;i<inputTextChr.length;i++)
                    {
			int inputTextInt2 = (int) inputTextChr[i];
			inputTextInt[i] = inputTextInt2;
                    }
	}
 
 
	public String getIntArray(){
		for (int i=0;i<inputTextInt.length;i++)
                    {
			intArray += inputTextInt[i] + ", ";
                    }
		return intArray;
	}
 
	public String encrypt(int shift)
        {
		for (int i=0;i<inputTextInt.length;i++)
                        {
 
			if ((inputTextInt[i]+shift)> 126)
			{
				inputTextInt[i] =((shift-(126-inputTextInt[i]))+31);
			}
 
			else {	inputTextInt[i] += shift;
			}
 
			}
		outputTextChr = new char[inputTextInt.length];
		for (int i=0;i<outputTextChr.length;i++){
			char outputTextChr2 = (char) inputTextInt[i];
			outputTextChr[i] = outputTextChr2;
                        }
		for (int i=0;i<outputTextChr.length;i++){
			cipher += outputTextChr[i];
			}
		return cipher;
	}
 
	public String decrypt(int shift){
		for (int i=0;i<inputTextInt.length;i++)
                {
			if ((inputTextInt[i]-shift)< 32)
			{
				inputTextInt[i] =(127-(shift-(inputTextInt[i]-32)));
			}
 
			else { inputTextInt[i] -= shift; }
			}
		outputTextChr = new char[inputTextInt.length];
		for (int i=0;i<outputTextChr.length;i++){
			char outputTextChr2 = (char) inputTextInt[i];
			outputTextChr[i] = outputTextChr2;
                    }
		for (int i=0;i<outputTextChr.length;i++){
			plain += outputTextChr[i];
			}
		return plain;
	}
 
 
    /** Initializes the applet CaesarCode */
    public void init() {
        try {
            java.awt.EventQueue.invokeAndWait(new Runnable() {
                public void run() {
                    initComponents();
                }
            });
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
 
    /** This method is called from within the init() method to
     * initialize the form.
     * WARNING: Do NOT modify this code. The content of this method is
     * always regenerated by the Form Editor.
     */
    @SuppressWarnings("unchecked")
    // //GEN-BEGIN:initComponents
    private void initComponents() {
 
        jPanel1 = new javax.swing.JPanel();
        jLabel1 = new javax.swing.JLabel();
        jScrollPane1 = new javax.swing.JScrollPane();
        jTextArea1 = new javax.swing.JTextArea();
        jComboBox1 = new javax.swing.JComboBox();
        jLabel2 = new javax.swing.JLabel();
        jLabel3 = new javax.swing.JLabel();
        jScrollPane2 = new javax.swing.JScrollPane();
        jList1 = new javax.swing.JList();
        jButton1 = new javax.swing.JButton();
        jButton2 = new javax.swing.JButton();
        jButton3 = new javax.swing.JButton();
        jButton4 = new javax.swing.JButton();
        jButton5 = new javax.swing.JButton();
 
        jPanel1.setBackground(new java.awt.Color(102, 204, 255));
        jPanel1.setBorder(javax.swing.BorderFactory.createEtchedBorder(new java.awt.Color(102, 255, 255), null));
 
        jLabel1.setText("Input your message in the following box");
 
        jTextArea1.setColumns(20);
        jTextArea1.setLineWrap(true);
        jTextArea1.setRows(5);
        jTextArea1.setWrapStyleWord(true);
        jScrollPane1.setViewportView(jTextArea1);
 
        jComboBox1.setModel(new javax.swing.DefaultComboBoxModel(new String[] { "Encode", "Decode" }));
 
        jLabel2.setText("Select mode");
 
        jLabel3.setHorizontalAlignment(javax.swing.SwingConstants.RIGHT);
        jLabel3.setText("Number of shifts");
 
        jList1.setModel(new javax.swing.AbstractListModel() {
            String[] strings = { "01", "02", "03", "04", "05", "06", "07", "08", "09", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20", "21", "22", "23", "24", "25", "26", "27", "28", "29", "30", "31", "32", "33", "34", "35", "36", "37", "38", "39", "40", "41", "42", "43", "44", "45", "46", "47", "48", "49", "50" };
            public int getSize() { return strings.length; }
            public Object getElementAt(int i) { return strings[i]; }
        });
        jList1.setSelectionMode(javax.swing.ListSelectionModel.SINGLE_SELECTION);
        jList1.setVisibleRowCount(3);
        jScrollPane2.setViewportView(jList1);
 
        jButton1.setText("Run");
        jButton1.addActionListener(new java.awt.event.ActionListener() {
            public void actionPerformed(java.awt.event.ActionEvent evt) {
                jButton1ActionPerformed(evt);
            }
        });
 
        jButton2.setText("Help?");
        jButton2.addActionListener(new java.awt.event.ActionListener() {
            public void actionPerformed(java.awt.event.ActionEvent evt) {
                jButton2ActionPerformed(evt);
            }
        });
 
        jButton3.setText("Copy");
        jButton3.addActionListener(new java.awt.event.ActionListener() {
            public void actionPerformed(java.awt.event.ActionEvent evt) {
                jButton3ActionPerformed(evt);
            }
        });
 
        jButton4.setText("Paste");
        jButton4.addActionListener(new java.awt.event.ActionListener() {
            public void actionPerformed(java.awt.event.ActionEvent evt) {
                jButton4ActionPerformed(evt);
            }
        });
 
        jButton5.setText("Select All");
        jButton5.addActionListener(new java.awt.event.ActionListener() {
            public void actionPerformed(java.awt.event.ActionEvent evt) {
                jButton5ActionPerformed(evt);
            }
        });
 
        javax.swing.GroupLayout jPanel1Layout = new javax.swing.GroupLayout(jPanel1);
        jPanel1.setLayout(jPanel1Layout);
        jPanel1Layout.setHorizontalGroup(
            jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addGroup(jPanel1Layout.createSequentialGroup()
                .addGap(19, 19, 19)
                .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
                    .addGroup(jPanel1Layout.createSequentialGroup()
                        .addComponent(jButton2)
                        .addGap(57, 57, 57)
                        .addComponent(jScrollPane2, javax.swing.GroupLayout.PREFERRED_SIZE, 58, javax.swing.GroupLayout.PREFERRED_SIZE)
                        .addGap(29, 29, 29))
                    .addComponent(jScrollPane1, javax.swing.GroupLayout.Alignment.TRAILING, javax.swing.GroupLayout.DEFAULT_SIZE, 348, Short.MAX_VALUE)
                    .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel1Layout.createSequentialGroup()
                        .addComponent(jButton1, javax.swing.GroupLayout.PREFERRED_SIZE, 87, javax.swing.GroupLayout.PREFERRED_SIZE)
                        .addGap(8, 8, 8))
                    .addGroup(jPanel1Layout.createSequentialGroup()
                        .addGap(12, 12, 12)
                        .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false)
                            .addGroup(jPanel1Layout.createSequentialGroup()
                                .addComponent(jButton3)
                                .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
                                .addComponent(jButton4)
                                .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
                                .addComponent(jButton5))
                            .addComponent(jLabel1, javax.swing.GroupLayout.PREFERRED_SIZE, 278, javax.swing.GroupLayout.PREFERRED_SIZE)
                            .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel1Layout.createSequentialGroup()
                                .addGap(74, 74, 74)
                                .addComponent(jLabel3, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
                                .addGap(45, 45, 45)
                                .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
                                    .addComponent(jComboBox1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
                                    .addComponent(jLabel2, javax.swing.GroupLayout.PREFERRED_SIZE, 71, javax.swing.GroupLayout.PREFERRED_SIZE))))
                        .addGap(58, 58, 58)))
                .addGap(27, 27, 27))
        );
        jPanel1Layout.setVerticalGroup(
            jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addGroup(jPanel1Layout.createSequentialGroup()
                .addContainerGap()
                .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
                    .addComponent(jLabel2, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
                    .addComponent(jLabel3))
                .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
                .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
                    .addComponent(jButton2)
                    .addComponent(jScrollPane2, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
                    .addComponent(jComboBox1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE))
                .addGap(16, 16, 16)
                .addComponent(jLabel1)
                .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
                .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.BASELINE)
                    .addComponent(jButton3, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
                    .addComponent(jButton4, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
                    .addComponent(jButton5, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
                .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
                .addComponent(jScrollPane1, javax.swing.GroupLayout.PREFERRED_SIZE, 188, javax.swing.GroupLayout.PREFERRED_SIZE)
                .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
                .addComponent(jButton1)
                .addContainerGap())
        );
 
        javax.swing.GroupLayout layout = new javax.swing.GroupLayout(getContentPane());
        getContentPane().setLayout(layout);
        layout.setHorizontalGroup(
            layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addComponent(jPanel1, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
        );
        layout.setVerticalGroup(
            layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
            .addComponent(jPanel1, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
        );
    }// //GEN-END:initComponents
 
    private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton1ActionPerformed
        // TODO add your handling code here:
          if (jList1.getSelectedIndex() > -1)
             {
		CaesarCode msg = new CaesarCode();
		msg.inputText(jTextArea1.getText());
		msg.convertToChar(); //convert plain text string to char data type
		msg.convertCharToInt(); // convert char to their equivalent integer (decimal number) in the ASCCI table
		//msg.getIntArray(); // show decimal numbers of the inputText
		int shift = 1 + jList1.getSelectedIndex();
			  if (jComboBox1.getSelectedItem() == "Encode")
			  {
                                jTextArea1.setText(msg.encrypt(shift));
                                //  msg.encrypt(shift) = encrypt and output cipher
			  }
			   else
			  {
				jTextArea1.setText(msg.decrypt(shift));
                                  //  msg.encrypt(shift) = decrypt and output cipher
			  }
		}
		else
                {
                    JOptionPane.showMessageDialog(null, "Please select a number of shifts first!");
		 }
    }//GEN-LAST:event_jButton1ActionPerformed
 
    private void jButton2ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton2ActionPerformed
        // TODO add your handling code here:
        JOptionPane.showMessageDialog(null, "To encrypt, select the encode mode, the number of shifts and click ‘Run’." + newLine +
                                            "You may encode the same message multiple times." + newLine +
                                            "To Decrypt, select the decode mode and reverse your encryption steps." + newLine + newLine +
                                            "By Haider al-Khateeb (http://blog.creativeitp.com)");
    }//GEN-LAST:event_jButton2ActionPerformed
 
    private void jButton3ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton3ActionPerformed
        // TODO add your handling code here:
        jTextArea1.copy();
    }//GEN-LAST:event_jButton3ActionPerformed
 
    private void jButton4ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton4ActionPerformed
        // TODO add your handling code here:
        jTextArea1.paste();
    }//GEN-LAST:event_jButton4ActionPerformed
 
    private void jButton5ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton5ActionPerformed
        // TODO add your handling code here:
        jTextArea1.selectAll();
    }//GEN-LAST:event_jButton5ActionPerformed
 
 
    // Variables declaration - do not modify//GEN-BEGIN:variables
    private javax.swing.JButton jButton1;
    private javax.swing.JButton jButton2;
    private javax.swing.JButton jButton3;
    private javax.swing.JButton jButton4;
    private javax.swing.JButton jButton5;
    private javax.swing.JComboBox jComboBox1;
    private javax.swing.JLabel jLabel1;
    private javax.swing.JLabel jLabel2;
    private javax.swing.JLabel jLabel3;
    private javax.swing.JList jList1;
    private javax.swing.JPanel jPanel1;
    private javax.swing.JScrollPane jScrollPane1;
    private javax.swing.JScrollPane jScrollPane2;
    private javax.swing.JTextArea jTextArea1;
    // End of variables declaration//GEN-END:variables
 
}

Introduction to OpenPGP – Encrypt, decrypt, sign and verify files for free!

Haider al-Khateeb — Sat, 23 Jan 2010 00:44:06 +0000

I have also posted this to HackThisSite.org articles

Introduction

Are you looking for a safe way to encrypt your files and messages? What if there is a method that can do all that and more and yet it is FREE to use? If you are interested, keep reading to know about encrypting and exchanging files safely with GPG and PGP.

GPG is an acronym for Gnu Privacy Guard. It was developed as a free and open source alternative to PGP, a famous commercial encryption product. Both GPG and PGP can encrypt and decrypt data on your system, in addition they can be used to authenticate emails and files you exchange with other people, this means that if Bob is sending files and emails to Alice, she can check if the data has been altered in the way by any third party and if the sender is Bob for sure and no one else. Furthermore, with these applications, Bob can also make sure that only Alice will be able to decrypt and read/view the data he is sending.

Before proceeding with how this works in practice, let me first start with a small formal introduction to the protocol these programs use, that is OpenPGP (RFC 4880).

OpenGPG

OpenPGP is the most used email encryption standard now a day. It uses public-keys in combination with symmetric cryptography and hash-function to provide security solutions for electronic communications and data storage. Any OpenPGP software should support data confidentiality, integrity and authentication.

So OpenGPG is the standard or the protocol, while PGP and GPG are the applications you can use.

The software

It is best now to get your own copy of the software. GPG is free, if you are using Windows, you can get GPG4win from: http://www.gpg4win.org.

For Mac and Unix/Linux systems, download the copy that is best for you from: here

Usually GPG is installed by default in most Linux distributions. In Ubuntu for example, you can start working on it directly using your command line, but to save yourself time and make your life easier, add the suitable frontend for Gnome: Seahorse, by running the following commands:

sudo apt-get install seahorse

And also install its plug-ins

sudo apt-get install seahorse-plugins

If you are a KDE user then you should get KGpg instead of Seahorse.

On the other hand, you can also use PGP. It is commercial, but the good news is that: if you decide to use their trial version without entering the license key, it works as a freeware version. It does not give you the full functionality of a commercial license of course, however, what you get is convenient enough (I personally use it). You can download the trial version and try it yourself from here

How it works

Now, that you installed a software (I assume), you should have a small program responsible for key management, that will usually be GPA if you got GPG4win, KGpg for KDE Linux or else, Seahorse if you are using Gnome. A Key Manager is used to create, delete, import, export and backup keys in addition to some few other management tasks. So what are these keys used for?

When you create a key, the software generates two, a private key for your own use and a relevant public key that can be sent to all other people to communicate securely with you.

What you really need to understand is that:

All data encrypted with your public key, can only be decrypted with your private key. This is how GPG provide confidentiality i.e. data can only be read by the person who is meant to read it. So, if Bob wants to send a confidential file to Alice, he encrypts the file with her public key and sends it. Do you see how important it is to keep your private key secure? That is why the software makes you protect it with a passphrase.

All data you encrypt with your private key can be decrypted using the public key: this implies that if Alice is able to decrypt data using Bob’s public key, she knows for sure that he was the one who encrypted it, no one else.

Digital Signatures

But why should Bob encrypt the whole file if all he needs is to prove authenticity to Alice? What if he is sending the file to many people and only Alice needs to authenticate it?

For this reason, we have digital signatures: Bob can simply sign the file with his private key instead of encrypting it.

Signing files can be done using Kleopatra if you installed GPG4win, otherwise simply right-click any file and the popup menu you get should have a new option to let you sign and/or encrypt the file.

Signing a file results in a digital signature, which contains a message digest (can be produced using a hash function such as MD5 algorithm) of the original file encrypted with Bob’s private key. The message digest maintains data integrity, because any change happens to the file changes its digest as well. While the fact that it has been encrypted with Bob’s private key proves him as the original sender. Interestingly, this can also be used as a method of non-repudiation, which implies that it prevents the sender from claiming that he or she did not actually send the information!

Now if Bob’s public key can decrypt and read the signature, Alice knows he is the sender, and then she uses the content (the message digest hash) to compare with a new calculated hash of the file she received. If they match, then the file has not been altered. Meanwhile, other people who might have received the file and does not have Bob’s public key, can simply use the file (because it is not encrypted) and ignore the digital signature.

Of course all of this is done easily by the software, no much manual work for you other than understanding how the software works.

Key Servers and Public Key Distribution

Exchanging public keys can be easy with a friend you already know, but what if you don’t have a direct contact with the person? How can you make sure the key you get isn’t fake? What if someone else made it up?

As a solution, Key Servers host public keys for everyone and provide you with solutions to work around this problem. PGP Global Directory for example verify the email address attached to every key before listing them online, hence, if you recognize the email address, you could trust the public key attached belongs to the owner of the email address.

Another one is SKS OpenPGP Keyserver. It shows you how many users trusted a certain public key and signed it as valid. In principle, if you see that many users signed a key, you might have a reason to think it actually belongs to its owner. This method is called “web of trust” and it helps to authenticate keys. So, it is best that you sign the keys you personally trust and ask the people who know you to sign your key as well to show it as valid. Make sure you don’t forget publishing any public key you sign to the key servers.

There are many key servers and many of them are linked together, so once you send your public key to one of them manually or by using your software, consequently, they will update each other with your information.

Digital Certificates

When someone signs a public key as valid, this operation results in what we call: a digital certificate. So, a digital certificate consists of a public key, identity information (owner’s name, email etc) and a digital signature by a third party to verify that the identity information belongs to the public keys. The third party can be a person, group, organization etc.

Conclusion

An interesting idea if you have some private data that you share with somebody is to encrypt it twice with both of your public keys. That way, neither of you can make use of it alone!

MD5 checksums to verify files integrity

Haider al-Khateeb — Sat, 16 Jan 2010 19:59:57 +0000

MD5 (Message-Digest algorithm 5) can be used effectively to verify files integrity and authenticity by computing and checking MD5 hashes.

In Windows: MD5summer can be used to perform the task.

While in Linux: The famous md5sum utility is usually used.

The following examples shows how md5sum can be used from the command line.

To compute the MD5 sum of an ISO file for example use:

md5sum filename.iso

The result will be something like:

f8c7451b0de5a1e5f7a68fb3d15f4064 filename.zip

Note that the wild card can be used too, so if you are in a folder containing many files, you can compute the hashes to all files using:

md5sum *

md5sum h*.exe

Some applications/distributions provide a file with all MD5 hashes of the released files. Ubuntu for example provide a file called MD5SUMS and it looks like this from inside:

836440698456aa2936a4347b5485fdd6 *ubuntu-9.10-alternate-amd64.iso
3faa345d298deec3854e0e02410973dc *ubuntu-9.10-alternate-i386.iso
dc51c1d7e3e173dcab4e0b9ad2be2bbf *ubuntu-9.10-desktop-amd64.iso
d91659de6e945dbb96eb8970b2b4590a *ubuntu-9.10-desktop-armel+dove.img
297875d2a7531824a0fb08f241d33e85 *ubuntu-9.10-desktop-armel+imx51.img
8790491bfa9d00f283ed9dd2d77b3906 *ubuntu-9.10-desktop-i386.iso
ed6e77587b87fe0d92a2f21855869f00 *ubuntu-9.10-netbook-remix-i386.iso
14707e8847b9c9ba2dd1869fb5086e4f *ubuntu-9.10-server-amd64.iso
55618ad5f180692f9dac20cbff352634 *ubuntu-9.10-server-i386.iso
37a04db193b1a342f961f59aea2fada8 *wubi.exe

Now assume you downloaded: ubuntu-9.10-alternate-i386.iso
You can verify it’s hash against that list with the following command:

md5sum ubuntu-9.10-alternate-i386.iso -c MD5SUMS

If the comparison results in a single match then your file is alright.

To cultivate the result, use the following to show the positive match only:

md5sum ubuntu-9.10-alternate-i386.iso -c MD5SUMS | grep -v "FAILED$"

grep -v “FAILED$” is used to ignore the failed comparisons in the results, hence, if we change it to grep -v “OK$” we can get the failed comparisons only. this is useful when you run md5sum to verify many files against a list and need to check if there are any bad files.

Introduction to Modern Steganography

Haider al-Khateeb — Mon, 11 Jan 2010 12:36:54 +0000

This article introduces steganography and explains some of its techniques and methods supported by examples. My objective was to make this post as short as possible while covering all important information. Your comments are welcome for any possible enhancements or for future articles about steganography by me or other people.
I have also posted this to HackThisSite.org articles.

Steganography

Steganography is all the techniques used to exchange secret messages without drawing attention. It is the science of hiding information.

Some of the old school methods to hide information are: invisible ink, null ciphers, microdots or the use of pinpricks, deliberate misspelling or slightly different font to mark certain words in messages and maps.

Null cipher

It’s a normal text written in the clear, but includes a hidden message. For example:

‘‘Fishing freshwater bends and saltwater coasts rewards anyone feeling stressed. Resourceful anglers usually find masterful leapers fun and admit swordfish rank overwhelming anyday.’’ [2]

If we take out the third letter in each word, we get: Send Lawyers, Guns, and Money.

Modern steganography refers to hiding information in digital images, audio files or even video. There are many methods and tools to do that. Nevertheless, and to have double protection, secret messages are first encrypted and then hidden using a steganography tool.

The steganographic process can be described with the following formula:

Cover medium + Data to hide + Stego key* = Stego Medium

* Note that if no encryption is added, there is no need for a Stego key.

Hiding messages in pictures

This is usually done by:

LSB (Least Significant Bit insertion).

Masking & filtering.

Algorithms & transformations.

Using LSB is famous, so I will choose it to explain how data can be hidden in images.

LSB is always the last bit on the right-hand side of any binary number. Changing this bit causes the least possible effect to the original value.

In a 24-bit image, there are 3 bytes of data to represent RGB values for every pixel in that image. This implies that we can store/hide 3 bits in every pixel. For example, if the image has the following bits:

10010101 00001101 11001001
10010110 00001111 11001010
10011111 00010000 11001011

To store 101101101. we replace with the original LSBs like this:

10010101 00001100 11001001
10010111 00001110 11001011
10011111 00010000 11001011

To reveal the stored message, the LSBs are extracted alone from the Stego Medium and combined together.

Hiding messages in audio files

Two known methods to store message in audio files are: Frequency Domain and Time Domain.

In Frequency Domain, a message can be stored in practically unused frequencies of audio files. For instance, In a CD where the sample rate is 44.1 kHz, the highest frequency without aliasing is 22.05 kHz.

Now, because the average peak frequency that an adult can hear is approximately 18 kHz, this leaves 4 kHz of frequency that is “practically unused”. This space can then be used to hide a message (a copyright message for example).

In Time Domain, a message can be stored in the LSBs, something similar to what we saw with images. To maintain CD quality, it is important to encode at 16 bits per sample at a rate of 44.1kHz. However, we can also record at 8 bits per sample using the high significant bits (first bits on your left-hand side) and save the other 4 LSBs to hide our message without making any perceptible change to the audio quality.

In a comparison between the two, detecting messages hidden with time domain is harder because it requires more resources. [4]

Watermarking (digital watermarking)

Whenever there is a topic about steganography now a day, Digital Watermarking is also mentioned. It refers to embedding hidden messages as well, but not for the purpose of sending secret information. Instead, Watermarking is usually used for the following:

Copyright protection: include ownership information.
Copy protection: include instructions to stop data copying devices from making and distributing copies of the original.
Prove data authenticity.
Tracking: If copies of a file are distributed illegally, the source can be revealed if the master copies had unique watermarks included.

Stego Tools

The following freeware tools have been tested by me on Windows 7 and they work great:

4t HIT Mail Privacy LITE 1.01

S-Tools 4.0

To find more tools (commercials and freeware) make use of the following lists as they are the best I found online or do your own googling:

http://home.comcast.net/~ebm.md/stego/software.html

http://www.jjtc.com/Security/stegtools.htm

Steganalyses and countermeasures

Steganalyses aim to investigate suspected information to determine whether they include any sealed data and reveal the hidden message if exist.

Any unusual patterns (visual or statistical) are usually analyzed to detect suspected information. Hence, any method can be useful, for instance, image editors and hex editors (e.g. HEX Workshop).

Some methods are designed and developed to detect and reveal information hidden by known steganography tools. There are also enhanced and powerful digital forensic analysis tools such as StegAlyzerSS (Steganography Analyzer Signature Scanner) developed by the Steganography Analysis and Research Center [5].

Conclusion note

The references at the end of this article are quite informative, have a go on them in your free time if you are looking for more details.

References

[1] Introduction to Steganography. [cited 2010 Jan 08]; Available from:

http://www.infosyssec.com/infosyssec/Steganography/menu.htm

[2] Johnson, N. F., Duric, Z., Jajodia, S. Information Hiding: Steganography and Watermarking – Attacks and Countermeasures. Kluwer Academic Press. Norwrll, MA, New York, The Hague, London, 2000.

[3] Gary C. Kessler. Steganography: Hiding Data Within Data. 2001 [cited 2010 Jan 08]; Available from:

http://www.garykessler.net/library/steganography.html

[4] Steganography in Signals. [cited 2010 Jan 09]; Available from:

http://www.owlnet.rice.edu/~elec301/Projects01/smokey_steg/steg.html

[5] Steganography Analyzer Signature Scanner. [cited 2010 Jan 09]; Available from:

http://www.sarc-wv.com/stegalyzerss.aspx

[6] Gary C. Kessler. An Overview of Steganography for the Computer Forensics Examiner. [cited 2010 Jan 10]; Available from: http://www.fbi.gov/hq/lab/fsc/backissu/july2004/research/2004_03_research01.htm

The pigpen cipher aka Masonic cipher

Haider al-Khateeb — Sun, 11 Jan 2009 08:16:17 +0000

Have you seen a code similar to this before?

An interesting example from real life is the stone of James Leeson, who died in 1792. For a long time, the box-and-dot code at the top of the stone (Figure 1) remained a mystery for the public, but the secret was revealed as Meyer Berger explained in his NY Times column in the 1950s, it was finally decrypted. It says: “Remember death”. It was a Masonic cipher.

Figure 1: Stone of James Leeson 1

The pigpen cipher or the Masonic/Freemason’s cipher is a simple encryption scheme used in the 16th century to secure correspondence between the Freemasons members. [2][3]

The cipher is created by replacing each letter of the alphabet with a symbol, therefore it is defined nowadays as a simple substitution cipher.

Symbols used in pigpen are created by drawing a grid like the one in Figure 2.

Figure 2: A typical example for a pigpen cipher key.

Based on the key (grid) in Figure 2

A sentence like “FREE WORLD” can be encrypted to be:

Fun exercise:

Question: Who was behind the invention of the frequency analysis technique for breaking monoalphabetic substitution ciphers?

Answer:

(decrypt to find out)

To enhance security, let us choose a key such as “PEACE” and put it into the grid, Figure 3:

Figure 3

I excluded the last “E” in “PEACE” because no letter should be written twice. Now let’s fill in the rest of the letters and have our personalized grid

Figure 4

Although we can change the grid every time we use a different keyword, this encryption scheme is not secure as it used to be at its time, because the use of symbols is no impediment to modern cryptanalysis techniques.

At the end of this article, here is a gift for you:

Right Click on Figure 5 and choose Save Target As to download a Masonic Cipher & Symbols Font for your MS Word, so you could write the symbols easily and have fun with your friends.

Figure 5: Masonic Cipher & Symbols Font (4)

To install the font file Right Click on it and select Install or simply move it to your C:\Windows\Fonts folder.

References:

[1] http://www.forgotten-ny.com/forgottentour17/tour17.html
[2] David Kahn, “The Codebreakers. The Story of Secret Writing.” Macmillan, 1967.
[3] David E. Newton, “Freemason’s Cipher” in Encyclopedia of Cryptology, 1998.
[4] FAM-Code© http://www.odr.org/anonymous/fam-code.htm