Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

skilcrypt - GnuPG wrapper
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Unsupported Software
View previous topic :: View next topic  
Author Message
frankenputer
n00b
n00b


Joined: 09 Mar 2016
Posts: 26
PostPosted: Sat Mar 19, 2016 10:34 am    Post subject: skilcrypt - GnuPG wrapper Reply with quote
Hello everyone,

Half year ago I was working and travelling across many European countries and having only my smartphone with me. Most of the backup data that I was carrying in my phone and microsd card was encrypted with LUKS, and then I realised how limited and platform specific are most encryption programs. I've used GPG in the past, but man it was god damn slow whenever I wanted to encrypt/decrypt a bunch of files in a row.

I've spend last 3 days searching for cross platform (must have at least Windows phone or Android port) encryption that doesn't require pre-allocated space in first place, but couldn't find anything.

One random opening of my gpg.conf that I have not touched for a long time reminded me that GPG has compression options:

Code:

compress-algo BZIP2
compress-level 9
bzip2-compress-level 9


So I immediately did a test with and without compression to see whether it will affect the encryption. The test subject was my $HOME.tar that was 1GB in size. Without compression the tarball was encrypted for 4 seconds, enabling the compression resulted in 5 minutes "encryption".

And that is how skilcrypt was born [zsh compatible] yesterday.

It seems I wasn't alone in this cross platform encryption situation.

Quote:
My backups are important to me – information for my job, passwords – but of little importance to others, except for identity theft, passwords ...

Government agencies are unlikely to be interested in anything other than the passwords, but should they break the encryption, it doesn't mean an individual agent won't overstep his remit (as has occurred in the U.S.).

I store compressed archives – many files into a single file – which makes encryption almost simple compared to encrypting email messages etc.
I work on both Windows and Linux, so I need seamless cross-platform encryption and decryption on each operating system.
GUI programs can be great, but I'm fine with the command-line, so that opens more choice.
Strong encryption algorithms (ciphers) are essential.
Effective password hashing and key-stretching are also essential to make brute-force cracking more difficult.
An encryption program needs to be open source, so anyone can check the implementation (nothing like lots of eyeballs to find bugs and backdoors, paraphrasing Eric Raymond).

After much searching and evaluating, the most promising open source cross-platform file encryption programs I've used so far are 7-Zip and GNU Privacy Guard (GnuPG or GPG). In addition to operating on both Windows and Linux, these programs also run on ARM-based Linux (e.g. Raspberry Pi) and Mac OS X.


The very next time when someone recommends me LUKS, Geli or any other platform specific encryption at least I can share my story with him/her and explain why we need moar cross platform programs.
Back to top
View user's profile Send private message
szatox
Advocate
Advocate


Joined: 27 Aug 2013
Posts: 3142
PostPosted: Sat Mar 19, 2016 11:11 pm    Post subject: Reply with quote
Quote:
So I immediately did a test with and without compression to see whether it will affect the encryption. The test subject was my $HOME.tar that was 1GB in size. Without compression the tarball was encrypted for 4 seconds, enabling the compression resulted in 5 minutes "encryption".
Good that you noticed it, but I don't see your problem. You either demand impossible (1 GB in 4 sec is too slow for you) or you enabled compression and blame gpg for doing what you told it to do. PEBKAC.

Quote:
The very next time when someone recommends me LUKS, Geli or any other platform specific encryption at least I can share my story with him/her and explain why we need moar cross platform programs.
Use luks on linux and truecrypt on windows. You can create a volume that will be compatible with both of them.
And yes, I know tc is deprecated, but aes is aes. Even if tc was a broken implementation, i dare say nobody would exploit it. When tc it's active, you don't have to exploit it, and when it's not active, the data itself is not affected by possible flaws of the implementation anymore.

Regarding tools that do not require preallocated space: Do you really need the same tool on all platforms? Why? Isn't it good enough when you use standard algorithms that multiple tools can understand?
Anyway, gpg and openssl do work on both, linux and windows, so again, what's the problem?
Back to top
View user's profile Send private message
frankenputer
n00b
n00b


Joined: 09 Mar 2016
Posts: 26
PostPosted: Mon Mar 21, 2016 5:08 pm    Post subject: Reply with quote
szatox wrote:
Quote:
So I immediately did a test with and without compression to see whether it will affect the encryption. The test subject was my $HOME.tar that was 1GB in size. Without compression the tarball was encrypted for 4 seconds, enabling the compression resulted in 5 minutes "encryption".
Good that you noticed it, but I don't see your problem. You either demand impossible (1 GB in 4 sec is too slow for you) or you enabled compression and blame gpg for doing what you told it to do. PEBKAC.

Quote:
The very next time when someone recommends me LUKS, Geli or any other platform specific encryption at least I can share my story with him/her and explain why we need moar cross platform programs.
Use luks on linux and truecrypt on windows. You can create a volume that will be compatible with both of them.
And yes, I know tc is deprecated, but aes is aes. Even if tc was a broken implementation, i dare say nobody would exploit it. When tc it's active, you don't have to exploit it, and when it's not active, the data itself is not affected by possible flaws of the implementation anymore.

Regarding tools that do not require preallocated space: Do you really need the same tool on all platforms? Why? Isn't it good enough when you use standard algorithms that multiple tools can understand?
Anyway, gpg and openssl do work on both, linux and windows, so again, what's the problem?


Take your time and reread my initial post to understand what I wrote and why I wrote it.

And please do yourself a favour by visiting my project and blog pages.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Unsupported Software All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy