Skip to content

stuartcalder/4crypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

135 Commits
Impl
Impl
 
 
share
share
 
 
.gitignore
.gitignore
 
 
CMakeLists.txt
CMakeLists.txt
 
 
CommandLineArg.hh
CommandLineArg.hh
 
 
Core.hh
Core.hh
 
 
Gui.hh
Gui.hh
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Util.hh
Util.hh
 
 

Repository files navigation

Alt text Alt text

Symmetric file encryption tool, targeting 512 bits of security with memory-hard password hashing.

This software aims to provide strong symmetric cryptographic security for protecting important data. Both CLI and GUI interfaces are provided.

Alt text Alt text

Buildtime Dependencies

  • SSC header and library files.
  • tsc_c header and library files.

(Required on OpenBSD, FreeBSD, MacOS, and GNU/Linux)

  • ncurses header and library files.

(Required on Microsoft Windows only)

  • Windows Vista/Server 2008 or later.
  • Visual Studio 2019 development suite or later.

Building 4crypt

  1. Build and install SSC.
  2. Build and install tsc_c.
  3. cmake -S . -B ${BUILD_DIR}
  4. cd ${BUILD_DIR}
  5. make -j${NPROC}

Implementation Detail

The three most significant algorithms implemented and utilized in this project include:

  1. The Threefish512 block cipher.
  2. The Skein512 cryptographic hash function.
  3. A customized implementation of the CATENA password scrambling framework.

User supplied passwords are scrambled using CATENA and then hashed into two 512 bit keys; the first is used as the secret key for Threefish512 in Counter Mode for confidentiality; the second is used as the secret key for Skein512's native Message Authentication Code, which is appended to the end of encrypted files for authentication and integrity verification.

The beginning of every 4crypt-encrypted file is a header, consisting of:

  1. The magic bytes [0xE2, 0x2A, 0x1E, 0x9B] to uniquely identify 4crypt-encrypted files.
  2. 4 bytes encoding:
    1. The Lower Memory Bound of the Key Derivation Function, CATENA.
    2. The Upper Memory Bound of the Key Derivation Function, CATENA.
    3. The Iteration Count of the Key Derivation Function, CATENA.
    4. A boolean encoding whether to enable "Phi" and Sequential Memory Hardness (Discussed later).
  3. 64 bit, little endian encoded unsigned integer describing the total size of the file.
  4. 128 pseudorandom bits utilized as a Threefish512 tweak for Threefish in Counter Mode.
  5. 256 pseudorandom bits utilized as a cryptographic salt for CATENA.
  6. 256 pseudorandom bits utilized as an initialization vector for Threefish in Counter Mode.
  7. 64 bit, little endian encoded unsigned integer describing the thread count for CATENA.
  8. 64 reserved bits, currently always all zero.
  9. 64 bit, Threefish512-CTR enciphered, little endian encoded unsigned integer describing the total number of padding bytes.
  10. 64 Threefish512-CTR enciphered reserved bits. Currently the plaintext is always all zero.

All 4crypt-encrypted files are evenly divisible into 64 byte blocks; i.e. the payload of the file plus the metadata of the file header, the MAC appenended to the end, and the padding bytes always evenly divides by 64 bytes.

About

No description or website provided.

Topics

gui-application cli-application cryptography-tools symmetric-encryption memory-hard

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages