20 Feb 2008

Secure Personal Archive 2.7 - Operating instructions

Archive manager Entry window to create, open, and manage Spa archive (.spa) files.
Item manager Shows a directory tree of items in an archive.
Item Window for creation, editing, and display of items in an archive.
File cryptography Encrypting and decrypting of files with keys from items in the archive.
Options Customizing functionality and display.
Daisy cryptosystem Users guide to the Daisy cryptosystem.

Some screen shots may differ slightly from the current version. The functionality is the same, however.

Archive manager

Start the program by double-clicking on the Spa.jar icon. Read and respond to the disclaimer. A green-bordered window labelled "Spa (2.x)" with a combination dial will appear. This Archive manager window creates and selects the encrypted archive files.

The border is green because access to your archives isn't possible at this point, that is, your data is secure. Red-bordered windows contain sensitive information and you should be alert when they appear.

The Tools menu starts the file hash generator (FileHash) or the True Random Password generator (Trap).

The Help button provides information and allows setting of options.

Windows produced by Spa can be repositioned and resized at your convenience. Each archive item has its own window position and size. Window positions and sizes are remembered by Spa so that a window will have the same position and size as the last time you used it.

The menu bar of the Archive manager window has three menus: File, Tools, and Help:

The name of the default archive file is the title of the Archive manager window. The window close button, "X", on the upper right corner of the Archive manager window task bar exits the program.

Item manager

After selecting an archive file, a red-bordered Password window appears for you to enter the password for the archive file. Pressing the "Done" button or typing "Enter" (or "Return") in the text field enters the password. This is a timed window and if you don't work in it it will disappear, leaving you back in the Archive manager window. If this happens, try again.

If you are creating a new archive file, you'll be asked for a password for the new archive file. The security of all your information depends on the quality of this password, so choose a good one! The password must have at least 10 non-blank, non-control characters. The password must be confirmed.

If you're accessing a previously-created archive, you'll be asked for its password. If you enter an incorrect password a warning will appear and you'll need to start over. From time to time you may wish to change the password on an existing archive file. To do this, check the "Change on exit" box and continue with the existing password. A new password will be requested when you're done working with the archive.

To allow testing and transitions between cryptographic systems, a special password, *NOCRYPTO*, turns off both encryption and decryption. This is a very risky procedure because the output file is unencrypted and can be read by anyone having access to your machine. Many warning windows appear when this password is in use. To produce an unencrypted archive file, first copy the encrypted file to another file, such as DANGEROUS.spa. Open DANGEROUS.spa with the correct password for the archive, but check the "Change password" box in the Password window. Then quit Spa, changing the password to *NOCRYPTO* on exit. Subsequently, the unencrypted DANGEROUS.spa file may be opened by entering *NOCRYPTO* as the archive password.

If you enter the correct password for an archive the Item manager window pops up. It's also red-bordered and timed to prevent visual compromise.

The Item manager window gives the name and path of the archive file as well as the date/time of the last time it was last changed. The Item manager window displays a directory tree having the archive file name as its root. The tree shows individual items and folders in the archive. Tree paths can be expanded and compressed in the usual manner for your machine.

An Item manager window resulting from a "New" command pushed in the Archive manager is shown below. A typical, filled Item manager window is shown at the left.

Four "Program" folders are always present. These are a Trash folder with Deleted, Edited, and Cut subfolders. These folders may not be renamed, moved, or deleted. Their contents may be edited, if desired, however. When viewed or edited "Program" folders have black borders on their text fields and the word "Program" in the upper right-hand corner.

Items in the archive are created, viewed, and modified by using the left mouse button to select a folder or item, then activating a pop-up menu command with the right mouse button. The pop-up menu contains the following items:

All windows can be adjusted in size and location to fit your operating preferences; these properties are retained. Several items can be viewed or edited at a time. However, each item can appear in only one window at a time.

The Item manager window is a timed window, if you wait too long, you'll return to the Archive manager window and need to re-enter the archive password.

More... menu item

The "More..." menu item brings up five additional commands to organize data in the tree.

Item window

A Item window is popped-up whenever an item is doubled-clicked in the Item manager window or any of the New, New folder, View, or Edit commands are selected from the pop-up menu.

The items available in the pop-up menu depend on the type of Item window. The commands are:

  • Paste Pastes the contents of the system clipboard into the item. This is an insecure operation.

  • Copy selection Copies the selected item text into the system clipboard. This is an insecure operation.

  • Copy all Copies the entire item text into the system clipboard. This is an insecure operation.

  • Show hash Calculates and displays a Daisy secure hash of the item text.

    This is useful for checking that an item hasn't been inadvertently changed.

  • Start FileHash/Paste from FileHash Runs the FileHash hash generator.

    After FileHash has found the hash of a file the command becomes Paste from FileHash. The Paste from FileHash command securely pastes the file name of the hashed file into the item name and the hash found by FileHash into the item text along with the file directory, the date/time, and file size in bytes.

  • Start Trap/Paste from Trap Runs the Trap password generator.

    After Trap has found a password the command becomes Paste from Trap. The Paste Trap command securely pastes the password found by Trap into the key text.

Always use double-clicking or the View command to see existing keys. This reduces the risk of changing them inadvertently.

File cryptography

Spa can encrypt and decrypt files on your machine using keys contained in an archive. This is a very useful and potent feature; however, both care and practice are required to ensure that critical files aren't lost or destroyed.

Be careful and practice before using file cryptography! This is even more important when the file drop feature is enabled.

File cryptography is based on keys contained in the archive. File cryptography commands are only enabled when a locked item is selected. This is to reduce the chance that a item containing a key might be changed slightly between encryption and decryption. Remember that files encrypted with a key can only be recovered with that key...if the key is lost or altered the data is lost and gone forever. As a matter of conservative practice, lock an item containing a key immediately after entering it and don't throw it out.

The best way to set a key is to use the true random password generator, Trap. Run Trap from the "Tools" menu in the Archive manager window. Generate an alphanumeric key having at least 250 bits. Then open Spa and create an item by the "New" command. Select the "Paste from Trap" command in the item window to paste the generated password into the item. Press the "Define" button, then lock the item with the "Lock" command (under "More...").
When the right mouse button is pressed on any locked item 3 file cryptography menu items are enabled.

  • File encrypt: Brings up a file chooser window for selection of the file to be encrypted (the plaintext).

  • File decrypt: Brings up a file chooser window for selection of the file to be decrypted (the ciphertext).

  • File crypto options: Brings up a "File cryptography options" dialog as shown on the right.

  • Encrypt null file: Produces a ciphertext of zero length, a null file. Null files can be sent periodically to reduce the effectiveness of traffic analysis.

To practice file cryptography, open the "File crypto options" dialog and set all 4 directories to your computer Desktop directory. All of the check boxes should be unchecked and the "Output file extension" should be ".bin" as indicated in the above image. Place a copy of a short file on your Desktop, say Letter.doc.

Select the "File encrypt" menu item and choose Letter.doc in the resulting file chooser window. After a warning that Letter.doc remains unencrypted on your machine, the encrypted file Letter.doc.bin appears on your Desktop.

Select the "File decrypt" menu item and choose Letter.doc.bin in the resulting file chooser window. A "Pre-existing file" warning will appear because decryption would otherwise overwrite the file Letter.doc. For practice, enter "No". A file chooser window allows you to name the output plaintext file. The default filename is often convenient.

Select the "Encrypt null file" menu item and note that a dated Null file appears on the Desktop. Select the "File decrypt" menu item and choose the null file. A notice window explains that the decrypted file was a null file and that it has not been written.

File cryptography options

Selecting the "File crypto options" menu item displays more practical ways of using file cryptography.

Perhaps the most important fields in this dialog are the "Input directory" and "Output directory" fields for each command. The "Input directory" field contains the initial input directory for the command. If the users moves to another directory with the input file chooser, this field is modified. The "Output directory" is where files from the command are put, usually without offering a choice. The "Output directory" can only be modified from this dialog. If you "lose" an output file by either command, look at the dialog to see where the file went.

Several options increase security, but should be tried only after experience.

File drop feature

This is a feature which is very convenient, yet requires care and practice in use. It is enabled when the "Drop enable" command is pressed in the pop-up menu under "More ...". When "File drop" is enabled the Item manager appearance changes to:

Note that the background color and the text message at the bottom of the window have changed.

Here the locked key "Key - 20 Aug 2002 [myggu]" has been selected, as indicated by the light blue background. (The File drop feature follows the same procedures for placing the output files as in the "Encrypt file" and "Decrypt file" commands.) Now if the two files Something.doc and Another.doc are grabbed and dragged to the yellow portion of the Item manager window, then they will be encrypted. First, the following window pops up, however:

When the button "No" is pushed the result of the drop, is:

The location of the result on the screen will almost certainly be different. (Here the file extension ".daisy" has been assigned to a key chain icon.)

Similarly, if a group of encrypted files, that is, files with the ".daisy" extension, are dragged to the yellow portion of the Item manager window, then the files will be decrypted using the selected key.

The file drop feature works on any number of files, but each drop does either encryption or decryption of all the files. That is, for encryption none of the files may have a ".daisy" extension. For decryption all the files must have a ".daisy" extension. A drop of a mix of files with the ".daisy" extension and other files yields a warning note.

Options tab of the Help window

The Options tab in the Help window allows changes in system appearance and window delays.

Changes in settings are made ONLY when the "Save settings" button is pressed. Pressing "Done" does NOT change the settings.

Here are two Appearance panel settings of interest:

Timer delays are set on the Window delays panel of the Options tab. Any activity in a window restarts the window timer, so the window closing delay begins only when you become inactive. The timer delays are sequential. That is, if you've placed information on the clipboard, the delay until the return of the secure Startup window is twice the New/View/Edit delay (which is the delay of the Clipboard Warning window plus the New/View/Edit delay) plus the Directory window delay. Long delays increase the chance that you'll leave a key "exposed" for visual compromise.

If you get everything out-of-order by playing with the Options tab, push the "Reset defaults" button to get back to start. Fortunately, actions in the Options tab have no effect on an archive file.

To maintain assorted system parameters, such as those on the Options tab, the program maintains a constants file called Spa.X.Y.ini in your home directory. This file contains no password information (It does contain the names of the archive files, however.) and can be written as a text file Spa.ini.txt in your home directory by pushing the "List settings" button. FileHash and Trap produce settings files FileHash.X.Y.ini and Trap.X.Y.ini respectively.

Daisy cryptosystem

Spa is based on the Rijndael block cipher with a block size of 256 bits, a key size of 256 bits, and a rounds count of 50. This is an extension of the NIST-approved Advanced Encryption Standard, AES-256, to have a block size of 256 bits and a rounds count increased from 30 to 50, as many critics have suggested. The block cipher in Spa has been validated, for standard parameters, against test sets from NIST and from Dr. Brian Gladman, brg@gladman.uk.net (24 May 2001).

The Daisy cryptosystem serves as a wrapper for the particular Rijndael cipher described above. Cipher block chaining (CBC) is a common example of a wrapper for a block cipher. The Daisy wrapper increases security over an electronic codebook (ECB) application of the cipher. Spa encrypted files can not be decrypted directly with a Rijndael block cipher, even with the correct key, because of the Daisy wrapper.

The strength of files encrypted with Daisy depends on the length and randomness of the particular passwords used. The minimum acceptable password for an archive or external file for Daisy encryption must have at least 10 non-blank, non-control characters. The recommended password size for archive files is 15 - 20 characters derived from Trap. For file encryption 100 character keys derived from Trap are recommended. If these recommendations are followed classic cryptanalysis of encrypted files is infeasible. Burglary, TEMPEST, and "Magic Lantern" attacks are more feasible approaches to getting your data.

Practically, the user must be aware of the following characteristics of the Daisy cryptosystem:

© C. V. Kimball 2007