Author Topic: Announcing freeware/donationware "KyrCrypt 0.16" (Read 29147 times)

kyrathaba · « **on:** April 18, 2011, 07:44 PM »

I'm pleased to announce that I've released a piece of donationware called KyrCrypt. It has been accepted by Softpedia and I anticipate soon to hear good news from CNET and other sites.

"Its function is to encrypt/decrypt individual files or entire directories of files using 168-bit TripleDES encryption. It offers an optional virtual keyboard for entering passwords with the mouse or touchpad, so that the actual computer keyboard doesn't have to be utilized for this purpose, thereby negating the threat of keyloggers."

As a completely self-taught programmer, I'm pleased with this first serious effort to place myself in the freeware/donationware community of contributors.

cranioscopical · « **Reply #1 on:** April 18, 2011, 07:53 PM »

Congratulations! Did you have a panel of beta testers?

kyrathaba · « **Reply #2 on:** April 18, 2011, 07:54 PM »

I have two old college-buddies who used it some while I was developing, and provided feedback.

lanux128 · « **Reply #3 on:** April 18, 2011, 08:50 PM »

nice looking software, thanks for releasing this..

f0dder · « **Reply #4 on:** April 19, 2011, 04:18 AM »

Why TripleDES, though?

kyrathaba · « **Reply #5 on:** April 19, 2011, 07:56 AM »

Congratulations!

nice looking software, thanks for releasing this..

Thanks, cranioscopical and lanux128!

Why TripleDES, though?

To be honest Fodder, I had just learned how to implement that particular encryption, in a Programming School assignment, and was I suppose eager to put it to use. I think that in a future update of the software I may provide the option to select from among several encryption algorithms.

Curt · « **Reply #6 on:** April 19, 2011, 09:20 AM »

Announcing freeware/donationware "KyrCrypt 0.16"

Congratulations, kyrathaba!

kyrathaba · « **Reply #7 on:** April 19, 2011, 10:10 AM »

Thanks, Curt!

skwire · « **Reply #8 on:** April 19, 2011, 02:36 PM »

Good work, kyrathaba.

Some thoughts after a quick play:

The mix of fixed-width and variable-width menu text is somewhat distracting.
Decrypting a KPT file with an incorrect password still produces a "password-accepted" message box and a resulting file (though it's unusable).

Ath · « **Reply #9 on:** April 19, 2011, 03:19 PM »

Decrypting a KPT file with an incorrect password still produces a "password-accepted" message box and a resulting file (though it's unusable).
-skwire (April 19, 2011, 02:36 PM)

If it gave a messagebox that the password is not accepted, that could be a means to hack your way into the vault...

kyrathaba · « **Reply #10 on:** April 19, 2011, 03:40 PM »

@skwire

Hey, thanks for taking time for a run-through! I will look into reconciling the font issue. As for the unusable "decrypted" file versus the "password accepted" message: the output will be gibberish IF the wrong password is used to decrypt (meaning NOT the same one used to encrypt). The "password accepted" message doesn't mean that the program verified the submitted PW against an encrypted copy of the PW (PW are not 'remembered', not included within the encrypted file). Rather, "Password Accepted" simply means the submitted password meets some sort of RegEx requirement. I will make this clear in my next update, and will ensure the help webpage elucidates it.

From the documentation:

Important: the password you use to encrypt is NOT stored within the encrypted file. Thus, when decrypting, the program does NOT somehow ensure that the supplied password is the same as the one that was used to encrypt. The upshot of this is that if you supply a different password to decrypt than the one that was used to encrypt, you'll get a 'decrypted' file that is 'giggerish'.

Thanks!

Renegade · « **Reply #11 on:** April 19, 2011, 06:44 PM »

As a completely self-taught programmer, I'm pleased with this first serious effort to place myself in the freeware/donationware community of contributors.
-kyrathaba (April 18, 2011, 07:44 PM)

Congratulations on the release~!

kyrathaba · « **Reply #12 on:** April 19, 2011, 08:31 PM »

Gracias

f0dder · « **Reply #13 on:** April 20, 2011, 05:46 AM »

Why TripleDES, though?

To be honest Fodder, I had just learned how to implement that particular encryption, in a Programming School assignment, and was I suppose eager to put it to use. I think that in a future update of the software I may provide the option to select from among several encryption algorithms.
-kyrathaba (April 19, 2011, 07:56 AM)

OK, I was just wondering since DES is both slower and less secure than contemporary algorithms, and shouldn't really be used for anything than supporting legacy systems

(yes, it's slower even though it's less secure - it was designed with hardware implementation in mind, and uses operations that are slow on our general-purpose x86 processors).

Decrypting a KPT file with an incorrect password still produces a "password-accepted" message box and a resulting file (though it's unusable).
-skwire (April 19, 2011, 02:36 PM)
If it gave a messagebox that the password is not accepted, that could be a means to hack your way into the vault...
-Ath (April 19, 2011, 03:19 PM)

Not really, no - unless very poorly designed, you'd still be no better off than brute-forcing the entire keyspace

. Yeah, it does mean you'd have to store a hash of the decrypted file contents, but in practice this isn't really a security concern.

kyrathaba · « **Reply #14 on:** April 21, 2011, 07:48 PM »

I appreciate the suggestion. I may well include password-validation in the next upgrade.

NEWS: KyrCrypt 0.16 has been reviewed by SoftSea.

kyrathaba · « **Reply #15 on:** April 26, 2011, 11:03 AM »

Hmm, did a search and discovered that Ognilab has listed KyrCrypt. Funny thing is, I hadn't submitted it to them...

skwire · « **Reply #16 on:** April 26, 2011, 11:49 AM »

Funny thing is, I hadn't submitted it to them...
-kyrathaba (April 26, 2011, 11:03 AM)

Get used to it.

I've never, personally, submitted any of my applications to any site and numerous sites carry them. *shrug*

kyrathaba · « **Reply #17 on:** April 26, 2011, 11:53 AM »

Fortunately, I'm not upset

Ath · « **Reply #18 on:** April 26, 2011, 11:54 AM »

and numerous sites carry them
-skwire (April 26, 2011, 11:49 AM)

That's the price you pay when you make great stuff, like you do

kyrathaba · « **Reply #19 on:** April 26, 2011, 01:54 PM »

That's the price you pay when you make great stuff, like you do

Skwire does make great stuff!

bobholm · « **Reply #20 on:** May 09, 2011, 02:31 AM »

Kaspersky says this prog has a virus in it. Is there some way to stop this (only does it with heuristics turned on)?

Ath · « **Reply #21 on:** May 09, 2011, 02:50 AM »

Is there some way to stop this (only does it with heuristics turned on)?
-bobholm (May 09, 2011, 02:31 AM)

Upload to VirusTotal and/or Jotti, and report the results to Kaspersky, so they can fix this false positive.

kyrathaba · « **Reply #22 on:** May 18, 2011, 09:25 PM »

Softpedia has featured another of my utilities, even though I didn't submit it.

kyrathaba · « **Reply #23 on:** June 18, 2011, 12:54 PM »

KyrCrypt got a nice review on the "I Love Free Software" site.

And, though I find it somewhat difficult to credit (I know sites sometimes inflate these things artificially), it showed this:

mouser · « **Reply #24 on:** June 18, 2011, 02:16 PM »

not to dampen your excitement but that counter and like is for the entire site