DarkCryptTC - Total Commander now is the best encryptor!!!

Discuss and announce Total Commander plugins, addons and other useful tools here, both their usage and their development.

Moderators: sheep, Hacker, Stefan2, white

Post Reply
User avatar
alexanderwdark
Senior Member
Senior Member
Posts: 270
Joined: 2008-04-14, 07:20 UTC
Location: Russia
Contact:

Post by *alexanderwdark »

2009.05.10: Plugin updated!

- new feature: optional secret algorithm and cipher mode. If option used, user must know what cipher and cipher mode where used.

- some code cleanup

- new blockapi cipher modules

direct link to last version

GUI Shell for plugin (with clipboard encryption feature)

User avatar
alexanderwdark
Senior Member
Senior Member
Posts: 270
Joined: 2008-04-14, 07:20 UTC
Location: Russia
Contact:

Post by *alexanderwdark »

2009.05.17 Plugin now is a part of my project "Zarya" (russian, means "daybreak" or "dawn").

This stage of project supports strong and powerfull cascade ciphering, ECC, Elgamal and RSA public key encryption, better BWT pre-compression (for better entropy).

Now plugin has more then 100+ ciphers in base, and you can add you own cipher dll, plug it to blockapi directory. Plugin turns to block cipher and RSA/ECC/Elgamal + symmetric cipher.

There is also a mode with secter algo/mode encryption, secret cascade profile encryption. To decrypt you must know, what cipher, mode or cascade profile was used (optional).

Warning! You must decrypt version III files. Project "Zarya" can't decrypt DarkCrypt III files.

build 05.17.2009

direct link to latest build

Gui shell supports also clipboard encryption and easy file encryption.

Project "Zarya" GUI Shell
Last edited by alexanderwdark on 2009-05-17, 17:11 UTC, edited 3 times in total.

User avatar
DrShark
Power Member
Power Member
Posts: 1569
Joined: 2006-11-03, 22:26 UTC
Location: Kyiv, 68/262

Post by *DrShark »

Warning! You must decrypt version III files. Project "Zarya" can't decrypt DarkCrypt III files.
Older versions of DarkCryptTC to decrypt files:
DarkCryptTC 24.10.2008
DarkCryptTC II 02.12.2008 (v2)
DarkCryptTC III 12.05.2009 (v2) (zip mirror)
Android 4.3.1 no root, kernel 08.09.2016; Vista Home Premium SP2 rus 32 bit
TC #149847 Personal licence

Cuz we're all in this together, We're here to make it right

User avatar
alexanderwdark
Senior Member
Senior Member
Posts: 270
Joined: 2008-04-14, 07:20 UTC
Location: Russia
Contact:

Post by *alexanderwdark »

09.07.2009: New! Unique support for encryption into steganographic container. Now you can encrypt data and store it in:

- Bitmap (24-bit BMP)
- TIFF (24-bit with LZW/DEFLATE compression)
- PNG (24-bit with DEFLATE compression)
- JPEG2000 (with lossless compression)
- WAVE (16 bit, Stereo)
- TXT (now only ANSI-1251, Russian)

User avatar
alexanderwdark
Senior Member
Senior Member
Posts: 270
Joined: 2008-04-14, 07:20 UTC
Location: Russia
Contact:

Post by *alexanderwdark »

17.07.2009: Support for custom bit usage for Wave stego container, from two bits up to 14 bits with step 2.

User avatar
romulous
Senior Member
Senior Member
Posts: 226
Joined: 2003-11-19, 04:10 UTC

Post by *romulous »

Hi alexanderwdark,

Your plugin looks interesting and you've obviously put a lot of work into it. It's also very convenient having encryption embedded into Total Commander. One thing does make me a little uncomfortable though - I was just testing it out on a single text file. File encrypted - no problems there. However, when I viewed the encrypted archive using a text editor, I could see that DarkCryptTC had written the encryption algorithm used (e.g. AES) into the header of the file. Now, knowing the algorithm used to encrypt a file does not lead straight to someone being able to decrypt it of course, but it still does make me uncomfortable though knowing that anyone wanting to decrypt your files is being given any sort of help in doing so. Is there any way to disable this?

I think I know why you have done it this way - I use TrueCrypt for my encrypting generally, and it doesn't write into the file which algorithm you used. In essence, it has to try each algorithm it supports every time you decrypt a file as it doesn't know how you have encrypted your file. Now, TrueCrypt does not support nearly as many algorithms as DarkCrypt does, so I suspect that you've done this for performance reasons - but it would still be nice if something could be done in this regard.

Thanks,

CM

User avatar
alexanderwdark
Senior Member
Senior Member
Posts: 270
Joined: 2008-04-14, 07:20 UTC
Location: Russia
Contact:

Post by *alexanderwdark »

Hi, romulous!

There are lot of options in this plugin. See settings of DarkCryptTC wcx plugin.

>> Is there any way to disable this?

You can find secret algorithm and secret mode checkbox. You can build cascade cipher set (for example, Camellia-Rijndael-Twofish-Serpent-Mars) and make it secret. Or you can use secret cascade cipher and write data into BMP/PNG/TIFF image as stego container.

If you need very strong security, you can set this options:

Store file hash sum = off
Store fake name = on
Disable cipher info = on
Save original path = off (it's default)
Compress before encryption = on
Secure delete by DoD = on

User avatar
romulous
Senior Member
Senior Member
Posts: 226
Joined: 2003-11-19, 04:10 UTC

Post by *romulous »

Cool, setting the options as in your post removes the algorithm from the header of the file. There are still a few things in plain text in the file, field names by the looks of it. The main ones being the project name (ZARYAV1) and the website (http://www.darksoftware.narod.ru/). The others being Name, Date, Attribute, Size (presumably of the encrypted file), Packed (I assume the value of '1' means that it is packed before being encrypted), and Salt. As far as I know, knowing the program which encrypted a file and its website won't get anyone who wants to decrypt it any closer to being able to do so. I suppose the only thing it really does do is to stop you from being able to claim that the file is not an encrypted file. The other bits of plain text probably also don't do any real harm, though I was a little surprised to see the salt field name in plain text (the field value is probably encrypted though).

Regards,

CM

User avatar
alexanderwdark
Senior Member
Senior Member
Posts: 270
Joined: 2008-04-14, 07:20 UTC
Location: Russia
Contact:

Post by *alexanderwdark »

Salt header value is used as public nonce in key transformation routine, or as a part of initialization vectors, it's very important when using stream ciphers or encrypting many files with one password.

User avatar
ElQuia
Junior Member
Junior Member
Posts: 79
Joined: 2009-04-18, 23:44 UTC
Location: Córdoba, Argentina

Post by *ElQuia »

alexanderwdark I think that romulous is pointing to what the call in english "plausible deniabilty". That means that if the police, fbi, your boss or anyone gets your file and tries some forensic on it you can say "no, its not encrypted" or "I don't know anything about that" haha :twisted:

I think it would be nice to have the option, to be able to select it with in some easy way.

BTW: your GUI uses the same methods?, Is it updated with the same frequency as the TC plugin?

Very, but very nice work! :D

User avatar
alexanderwdark
Senior Member
Senior Member
Posts: 270
Joined: 2008-04-14, 07:20 UTC
Location: Russia
Contact:

Post by *alexanderwdark »

ElQuia wrote:alexanderwdark I think that romulous is pointing to what the call in english "plausible deniabilty". That means that if the police, fbi, your boss or anyone gets your file and tries some forensic on it you can say "no, its not encrypted" or "I don't know anything about that" haha :twisted:

Thanks, ElQuia!

I think it would be nice to have the option, to be able to select it with in some easy way.

BTW: your GUI uses the same methods?, Is it updated with the same frequency as the TC plugin?

Very, but very nice work! :D
GUI uses same wcx interface, so, you can just replace darkcrypt files in gui installation. But i often update install archive of my darksoftware.narod.ru site.

For TC every archive must have some header or ID to be detected by CanYouHandleThisFile. My XDC format is apart of my flexible text header format, it can be easy extended to has new record types. But it must exist and can't be removed to say file is not xdc. Plugin now supports steganography, so if someone likes total secret state of data, one can hide it in Image, Wave, etc.

Theoretically, i can make second pre-encryption, so file will look like a random data.

But, real expert of FBI, police, etc. can detect real encrypted info (created by any software with any real encryption algorithm) and filter just compressed. For this work one can use just freeware tool ENT to get Entropy, Chi square distribution (easy says if data is encrypted), Arithmetic mean value, Monte Carlo value for Pi, Serial correlation coefficient, etc.

User avatar
ElQuia
Junior Member
Junior Member
Posts: 79
Joined: 2009-04-18, 23:44 UTC
Location: Córdoba, Argentina

Post by *ElQuia »

alexanderwdark, well I guess you are right (about experts). I'm no programmer (I do IT, hardware, etc) but I guess forensics experts will know.

About the GUI thanks for the data, and just a request: would it be possible to have an english links for downloads on your home page? (sadly I can't read russian :( )

User avatar
alexanderwdark
Senior Member
Senior Member
Posts: 270
Joined: 2008-04-14, 07:20 UTC
Location: Russia
Contact:

Post by *alexanderwdark »

ElQuia wrote:alexanderwdark, well I guess you are right (about experts). I'm no programmer (I do IT, hardware, etc) but I guess forensics experts will know.

About the GUI thanks for the data, and just a request: would it be possible to have an english links for downloads on your home page? (sadly I can't read russian :( )

ElQuia, english page already exists, it's located here: http://darksoftware.narod.ru/tcpluginsen.html

But my hosting can give some Russian download pages, just click link to file when it is displayed.

User avatar
ElQuia
Junior Member
Junior Member
Posts: 79
Joined: 2009-04-18, 23:44 UTC
Location: Córdoba, Argentina

Post by *ElQuia »

:D OK, Thanks :!:

User avatar
romulous
Senior Member
Senior Member
Posts: 226
Joined: 2003-11-19, 04:10 UTC

Post by *romulous »

ElQuia wrote:alexanderwdark I think that romulous is pointing to what the call in english "plausible deniabilty". That means that if the police, fbi, your boss or anyone gets your file and tries some forensic on it you can say "no, its not encrypted" or "I don't know anything about that" haha :twisted:
Yep, that is basically what I was pointing at. With the header info DarkCrypt places into the encrypted file being quite specific and English-readable, anyone looking can tell the file is encrypted (and not just random data), and can tell what the program used to encrypt it is, and other bits about the file you encrypted. As an extra (and something else I was pointing out), they can also tell the algorithm used for encryption - unless you check all the necessary options to disable this bit, this is also a help to anyone wanting to decrypt your file. Sure, they still have to find a hole in the algorithm itself, or in DarkCrypt's implementation of said algorithm, but it is a starting point that they shouldn't really be given.

Post Reply