Encryption tools

File encryption or enciphering

Enciphering a file will protect your data from being read by anyone who does not know the secret key. The original unenciphered data is called "clear text" because its meaning is clear to anyone who reads it. The enciphered data is called "cipher text" and its meaning is hidden from unauthorised users. Although the data is described as text, it can be any data such as Word documents, JPEG images, HTML files, ZIP files etc. The secret key is typically generated from a password or passphrase that the authorised user will type in. The passphrase might be written down and kept in a safe or shared with a trusted partner, if the data should be recoverable following a loss of memory by the authorised user. You might also tell one partner half the passphrase and another partner the other half of the passphrase. They can get together to put their 2 halves together to reconstruct the secret should you forget or be run over by the proverbial bus.

The cryptography screens of Club Cycom software allow you to encipher single files or a whole directory tree of files using Password Based Encryption Standard and the Data Encryption Standard (PBEWithMD5AndDES).  We use standard published encryption algorithms with standard Java library implementations so you can be sure that the algorithms have been studied by experts checking for weakness and well tested by thousands of users.

File decryption or deciphering

Deciphering functions are free. You do not need to subscribe to Club Cycom to be able to decipher your own or others data. Deciphering a file will require you to know a secret password or passphrase. Deciphering a file may result in a "clear text" file appearing on you computers hard disk if you wish it, however if you merely which to read or view the information, then the Club Cycom software has a built in internal viewer for some data types which will allow you to view the data without risking any clear records appearing on your hard disk for later discovery by the malicious attackers. An example use of the built in viewer would be to view a slide show of images stored in a zip file and then encrypted. Since the viewer  handles the zip format, even the image filenames are hidden from unauthorised users.  An example encrypted file (2.5Mbytes) which you can download is accounts200303.zip.enc
(when deciphering with Club Cycom software, you will choose "Internal Viewer" as the type of destination and "all professional models" as the additional secret key).

Things to consider before encrypting your data

Big dangers with using encryption software is not that someone else will be able to break the encryption but rather that you will either forget the key or that your deciphering software will no longer run on your future operating systems or computers!. Cycom protects you from the second danger by running on the open Java 1.4 platform which has numerous companies and groups who supply implementations (IBM, Sun, open source project teams) and also runs on many operating systems (Linux, Windows, Macintosh, Unix, Solaris) and we hereby publish all the parameters used to configure the standard algorithms so that even 100 years from now any programmer should be able recreate a deciphering program (give him the following information).

    private static char [] DEFAULT_PASSWORD = {'p','a','s','s','w','o','r','d'};
    private static byte [] salt1 = {0x21,0x7e,0x23,0x49,(byte)0xf5,(byte)0xac, (byte)0xc4,0x55 };
    private static final int ITERATION_COUNT=10000;
    private static final int KEY_LENGTH=112; 
    private static String PBE_ALG = "PBEWithMD5AndDES";
                PBEParameterSpec pbeParamSpec = new PBEParameterSpec( salt1, ITERATION_COUNT);
                PBEKeySpec pbeKeySpec = new PBEKeySpec(key, salt1, ITERATION_COUNT, KEY_LENGTH);         
                SecretKeyFactory keyFac = SecretKeyFactory.getInstance(PBE_ALG);
                SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
                pbeCipher = Cipher.getInstance(PBE_ALG);
                pbeCipher.init(cipherMode, pbeKey, pbeParamSpec);

It is OK to publish the algorithm and parameters since all the security resides in the secret key (which you choose and only you know).

The software has the option to erase the original clear text file after it has been enciphered. Erasing a file means writing over the contents with meaningless data. This is much more secure than simply deleting the file. The operation of deleting a file can often be undone by a malicious computer expert or a forensic computer examination.

Anytime you use your data in its clear text form, then most non-security aware software will be creating traces of its content in places that you might not be so aware of. Browsing html pages will record history links in "favorites" or "recent documents" and will cache files in the browser cache. Editors and word processors will create backup or temp files. Image viewers may create thumbnails or image index files. Only Cycoms internal viewer will take care not to leave some trace. Even programs such as Club Cycom that will only keep clear text data transiently in memory might still have their process memory paged out to disk (the virtual memory file or swap file) by the operating system as it tries to optimise your memory. (Cycom will be working to investigate this potential problem).

If you share an encrypted file with someone else, then even if an attacker cannot read the contents, the attacker could still tell that you have the same file as that other person. If the attacker had created the encrypted file himself then he could tempt you into obtaining a copy in a sting operation. You would need to reencrypt the file and also change its name and size to defeat the sting.

Any password based system suffers from the weaknesses that:-
  1. The passphrase must be unguessable (but fast computers can guess 1 million possibilities per second and know the Bible and the complete works of Shakespeare!).
  2. The secret police can torture you until you tell the passphrase.
Choose a long passphrase that has never been uttered before in human history but that can be imagined such as "happy parents never put stones in their hairy blue lungfish" (you will still forget it anyway, so have a copy in the safe).

Generally though the security should be enough for all purposes except for plotting the overthrow of western democratic governments.