topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Sunday October 6, 2024, 2:51 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Re: IDEA - encrypted-SFX-EXE to see secret text  (Read 13685 times)

allen

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,206
    • View Profile
    • Donate to Member
Re: IDEA - encrypted-SFX-EXE to see secret text
« on: January 31, 2006, 04:52 AM »
fsekrit is uber-cool, man.  A couple little things I think it's missing.

1) Some sort of file > open dialog to import a text file
2) Remember window size on a per-.exe basis.  Some files are wider than others and, surely, I can't be bothered with resizing my own window ;)
3) Take a few command line parameters -- so I can launch fsekrit with the file name and text file to use as the document source already predefined.  This would make it possible to encrypt a text file on the fly using a text editor that supported external tools.
« Last Edit: January 31, 2006, 04:54 AM by allen »

f0dder

  • Moderator
  • Joined in 2005
  • *****
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: IDEA - encrypted-SFX-EXE to see secret text
« Reply #1 on: January 31, 2006, 05:01 AM »
Importing text files is planned for next version.

Remember window size (and position, when re-opening window after save) is already implemented - current version is 1.0, mouser hasn't updated to that yet, though. 0.6 wasn't meant to be public ;)

Commandline parameters are also planned for the next version. Dunno if I want to support encryption key on commandline, though. Currently the save feature kind-of does this, but it specifies the AES-256 encryption key in HEX format, not your passphrase...

Let me know of any feature requests, bug reports, praise :P, whatever..
- carpe noctem

allen

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,206
    • View Profile
    • Donate to Member
Re: IDEA - encrypted-SFX-EXE to see secret text
« Reply #2 on: January 31, 2006, 05:04 AM »
Just a warning, I posted a copy of that to the 1.0 thread, which I hadn't found prior to now ;)

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 40,913
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: IDEA - encrypted-SFX-EXE to see secret text
« Reply #3 on: January 31, 2006, 05:22 AM »
im gonna moves these posts to fsekrit section.

wr975

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 369
    • View Profile
    • Donate to Member
Re: IDEA - encrypted-SFX-EXE to see secret text
« Reply #4 on: January 31, 2006, 07:13 AM »


Many thanks for fSekrit. Great tool!!!  :Thmbsup:


>feature requests

The author of Ghost_AES (http://free.pages.at...ost_hunter/crypt.htm) claims ultimate security because he's not storing the password. So if you decrypt using a wrong password, you'll get unuseable data.I like the idea. It sure makes brute force impossible.

If you also like this idea, perhaps you can add a "don't store password" option in future versions of fSekrit.

f0dder

  • Moderator
  • Joined in 2005
  • *****
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Re: IDEA - encrypted-SFX-EXE to see secret text
« Reply #5 on: January 31, 2006, 11:32 AM »


Many thanks for fSekrit. Great tool!!!  :Thmbsup:


>feature requests

The author of Ghost_AES (http://free.pages.at...ost_hunter/crypt.htm) claims ultimate security because he's not storing the password. So if you decrypt using a wrong password, you'll get unuseable data.I like the idea. It sure makes brute force impossible.

If you also like this idea, perhaps you can add a "don't store password" option in future versions of fSekrit.

I don't store the password anywhere. I do store a hash of the password plaintext, but it is impossible to reconstruct the password from the hash. It's true that storing the hash means you can automate bruteforcing, but bruteforcing a 256-bit key is infeasible, even if you distribute it massively.

Also, even for a solution where you don't store a hash of the password plaintext, statistical analysis could be used instead of hash-checking; this is remarkably effective. There would be some false positives that would need manual checking, but not too many...

So I'll keep storing the hash for convenience :)
- carpe noctem
« Last Edit: January 31, 2006, 03:20 PM by f0dder »

wr975

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 369
    • View Profile
    • Donate to Member
Re: IDEA - encrypted-SFX-EXE to see secret text
« Reply #6 on: January 31, 2006, 12:35 PM »
Thanks for the info!  ;)

f0dder

  • Moderator
  • Joined in 2005
  • *****
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Re: IDEA - encrypted-SFX-EXE to see secret text
« Reply #7 on: January 31, 2006, 03:18 PM »
I do store a hash of the password
-f0dder

Oops!
I mean a hash of the PLAINTEXT, of course! (fixing up the previous post, but posting here as well)


- carpe noctem