20 Feb 2008

Archive manager

Start the program by double-clicking on the Spa.jar icon. Read and respond to the disclaimer. A green-bordered window labelled "Spa (2.x)" with a combination dial will appear. This Archive manager window creates and selects the encrypted archive files. The border is green because access to your archives isn't possible at this point, that is, your data is secure. Red-bordered windows contain sensitive information and you should be alert when they appear. The Tools menu starts the file hash generator (FileHash) or the True Random Password generator (Trap). The Help button provides information and allows setting of options. Windows produced by Spa can be repositioned and resized at your convenience. Each archive item has its own window position and size. Window positions and sizes are remembered by Spa so that a window will have the same position and size as the last time you used it.

The menu bar of the Archive manager window has three menus: File, Tools, and Help:

• File: Manages your encrypted archive files, allowing for their selection, creation, and deletion. The File menu has three permanent menu items: New, Open, and Remove.
  • New: Defines a new archive file using a conventional file-choosing window. Archive files can have any name and can be located wherever you'd like to keep them. Choose a directory and give a file name, such as Smith.spa. When you've given the name, push the New button on the file chooser window. The new file becomes the default archive file.

  • Open: Any file on your machine can be opened as an archive file with this command. Only files that have been generated by Spa will open successfully, however. When you've selected the file, push the "Open" button on the file chooser window. The new file becomes the default archive file.

  • Remove: When an archive file is created or opened, its name is added to the bottom of the File menu beneath the separator bar. Pulling down the File menu to a particular file name opens that file. If you'd like to remove an archive file name from the File menu, select "Remove" . A pulldown list of archive files will appear in a separate Remove file window.
    

    Locate the file you'd like to remove in this list and push "Remove" to remove it from the list.

    Removing archive files with this command removes them from the File menu, it doesn't actually delete them from your computer. They can always be re-accessed by the "Open" command.

  When you've created or opened a file, the file name will appear on the File menu beneath a separator bar. To access a file, pull down the File menu to the file name.

  The name of the default archive file is displayed in the Archive manager window title. This file can be accessed by clicking anywhere on the combination lock.

• Tools: This menu provides access to two cryptographic tools:
  • File hash generator (FileHash): Computes the hash of an input file.

  • True random password generator (Trap): Generates random passwords by undersampling the noisy output of an FM receiver.

  Both tools have built-in Help menus with "Instructions" tabs explaining their operation.

• Help: This brings up the Help window with several information tabs, plus a tab labelled "Options". Don't attempt to change the option settings until you're thoroughly familiar with the program and read the material below!
  

Item manager

	After selecting an archive file, a red-bordered Password window appears for you to enter the password for the archive file. Pressing the "Done" button or typing "Enter" (or "Return") in the text field enters the password. This is a timed window and if you don't work in it it will disappear, leaving you back in the Archive manager window. If this happens, try again.

If you're accessing a previously-created archive, you'll be asked for its password. If you enter an incorrect password a warning will appear and you'll need to start over. From time to time you may wish to change the password on an existing archive file. To do this, check the "Change on exit" box and continue with the existing password. A new password will be requested when you're done working with the archive.

To allow testing and transitions between cryptographic systems, a special password, *NOCRYPTO*, turns off both encryption and decryption. This is a very risky procedure because the output file is unencrypted and can be read by anyone having access to your machine. Many warning windows appear when this password is in use. To produce an unencrypted archive file, first copy the encrypted file to another file, such as DANGEROUS.spa. Open DANGEROUS.spa with the correct password for the archive, but check the "Change password" box in the Password window. Then quit Spa, changing the password to *NOCRYPTO* on exit. Subsequently, the unencrypted DANGEROUS.spa file may be opened by entering *NOCRYPTO* as the archive password.

The Item manager window gives the name and path of the archive file as well as the date/time of the last time it was last changed. The Item manager window displays a directory tree having the archive file name as its root. The tree shows individual items and folders in the archive. Tree paths can be expanded and compressed in the usual manner for your machine.

An Item manager window resulting from a "New" command pushed in the Archive manager is shown below. A typical, filled Item manager window is shown at the left. Four "Program" folders are always present. These are a Trash folder with Deleted, Edited, and Cut subfolders. These folders may not be renamed, moved, or deleted. Their contents may be edited, if desired, however. When viewed or edited "Program" folders have black borders on their text fields and the word "Program" in the upper right-hand corner.

Items in the archive are created, viewed, and modified by using the left mouse button to select a folder or item, then activating a pop-up menu command with the right mouse button. The pop-up menu contains the following items:

• New Brings up a timed New item window to allow entry of an item into the archive. If the selected tree node is a folder, the newly-defined item is placed in that folder. If the selected node is an item, the new item is placed below it in the same folder. A right mouseclick allows text from the system clipboard to be pasted into the password area. Using the system clipboard is insecure. Pushing the "Define" button on the New window enters the item into the archive. If a name isn't specified, a name is created from the current date and time.
  

  A right mouse click in the New window makes a pop-up window available with a choice: "Paste". This allows pasting from the insecure system clipboard.

• New folder Brings up a timed "New folder" window to create a new folder at the specified node. If the selected tree node is a folder, the folder is placed in that folder. If the selected node is an item, the folder is placed in the same folder. Any desired text can be saved in a folder. Pushing the "Define" button on the New folder window enters the item into the archive. If a name isn't specified, a name is created from the current date and time.

  A right mouse click in the New folder window makes a pop-up window available with a choice: "Paste". This allows pasting from the insecure system clipboard.

• View Shows the name, tree path, the date/time of last change, and data for the selected item in the tree in a timed View window. An item can not be modified with this command. Use the "Edit" command to modify an item.
  

  A right mouse click in the View window makes a pop-up window available with two choices: "Copy all" or "Copy selected". This allows copying the entire item or a selected portion of the item to the system clipboard. This is an insecure operation! If you choose to do this, the Clipboard Warning! window pops up and flashes annoyingly.

  

  If the "Clear clipboard" button isn't pushed, the window times out and clears the clipboard by itself.

• Edit Brings up a timed Edit window to allow editing of the selected item or folder.

  A right mouse click in the Edit window makes a pop-up window available with three choices: "Paste", "Copy all", and "Copy selected". This allows pasting from the system clipboard and copying the entire item or a selected portion of the item to the system clipboard. This is an insecure operation! If you choose to copy to the system clipboard, the Clipboard Warning! window pops up and flashes annoyingly. If the "Clear clipboard" button isn't pushed, the window times out and clears the clipboard by itself.

• Delete Removes the selected item from the directory tree. The item is saved in the "Trash" subfolder "Deleted". Folders that contain items can't be deleted until their content items have been removed.

  Items already in "Edited", "Deleted", or "Cut" subfolders of the "Trash" folder are permanently removed by this command.

• File encrypt Activates the encryption of a file using the selected key in the archive. Don't use this command until you've read the instructions for file cryptography.

• File decrypt Activates the decryption of a file using the selected key in the archive. Don't use this command until you've read the instructions for file cryptography.

• Options Brings up a window to set options for file cryptography. Don't use this command until you've read the instructions for file cryptography.

• Encrypt null file Encrypts a file of zero length, a null file, using the selected key in the archive. Don't use this command until you've read the instructions for file cryptography.

• More ... Secondary actions for managing the archive are included on this submenu, which is described below.

• Exit Exits the Item manager window, encrypts and saves the archive file, and returns to the secure Archive manager window. The program emits a single beep indicating that the data has been secured. Clicking the Item manager window close button, "X", has the same effect.

The Item manager window is a timed window, if you wait too long, you'll return to the Archive manager window and need to re-enter the archive password.

More... menu item

The "More..." menu item brings up five additional commands to organize data in the tree.

• Copy Copies the selected item or folder to an internal, secure clipboard for later pasting on the tree.

• Cut Removes the selected item or folder from the directory tree and copies it to an internal, secure clipboard for later pasting. The item is automatically saved in the "Trash" subfolder "Cut". It is automatically removed from "Cut" if it is pasted somewhere else on the tree.

• Paste Places the contents of the internal secure clipboard at the selected node. If the selected tree node is a folder, the pasted item is placed in that folder. If the selected node is an item, the pasted item is placed in the same folder.

• Lock/Unlock Sets a lock on the selected item so that the item can not be deleted or edited without first unlocking the item. Locked items can be copied, but not cut. Locked items have red borders on their text fields and the word "Locked" in the upper right-hand corner.

  All new items are unlocked in default operation.

  The "Lock" command doesn't control the security of your data. It protects against accidental, but authorized, changes or deletion of items. File cryptography can only be done with locked keys.

• Enable drop/Disable drop Controls the file drop feature in file cryptography. Don't use this command until you've read the instructions for file cryptography.

Item window

A Item window is popped-up whenever an item is doubled-clicked in the Item manager window or any of the New, New folder, View, or Edit commands are selected from the pop-up menu.

The items available in the pop-up menu depend on the type of Item window. The commands are: Paste Pastes the contents of the system clipboard into the item. This is an insecure operation. Copy selection Copies the selected item text into the system clipboard. This is an insecure operation. Copy all Copies the entire item text into the system clipboard. This is an insecure operation. Show hash Calculates and displays a Daisy secure hash of the item text. This is useful for checking that an item hasn't been inadvertently changed. Start FileHash/Paste from FileHash Runs the FileHash hash generator. After FileHash has found the hash of a file the command becomes Paste from FileHash. The Paste from FileHash command securely pastes the file name of the hashed file into the item name and the hash found by FileHash into the item text along with the file directory, the date/time, and file size in bytes. Start Trap/Paste from Trap Runs the Trap password generator. After Trap has found a password the command becomes Paste from Trap. The Paste Trap command securely pastes the password found by Trap into the key text.

Always use double-clicking or the View command to see existing keys. This reduces the risk of changing them inadvertently.

File cryptography

Spa can encrypt and decrypt files on your machine using keys contained in an archive. This is a very useful and potent feature; however, both care and practice are required to ensure that critical files aren't lost or destroyed. Be careful and practice before using file cryptography! This is even more important when the file drop feature is enabled. File cryptography is based on keys contained in the archive. File cryptography commands are only enabled when a locked item is selected. This is to reduce the chance that a item containing a key might be changed slightly between encryption and decryption. Remember that files encrypted with a key can only be recovered with that key...if the key is lost or altered the data is lost and gone forever. As a matter of conservative practice, lock an item containing a key immediately after entering it and don't throw it out. The best way to set a key is to use the true random password generator, Trap. Run Trap from the "Tools" menu in the Archive manager window. Generate an alphanumeric key having at least 250 bits. Then open Spa and create an item by the "New" command. Select the "Paste from Trap" command in the item window to paste the generated password into the item. Press the "Define" button, then lock the item with the "Lock" command (under "More..."). When the right mouse button is pressed on any locked item 3 file cryptography menu items are enabled. File encrypt: Brings up a file chooser window for selection of the file to be encrypted (the plaintext). File decrypt: Brings up a file chooser window for selection of the file to be decrypted (the ciphertext). File crypto options: Brings up a "File cryptography options" dialog as shown on the right. Encrypt null file: Produces a ciphertext of zero length, a null file. Null files can be sent periodically to reduce the effectiveness of traffic analysis.

To practice file cryptography, open the "File crypto options" dialog and set all 4 directories to your computer Desktop directory. All of the check boxes should be unchecked and the "Output file extension" should be ".bin" as indicated in the above image. Place a copy of a short file on your Desktop, say Letter.doc.

Select the "File encrypt" menu item and choose Letter.doc in the resulting file chooser window. After a warning that Letter.doc remains unencrypted on your machine, the encrypted file Letter.doc.bin appears on your Desktop.

Select the "File decrypt" menu item and choose Letter.doc.bin in the resulting file chooser window. A "Pre-existing file" warning will appear because decryption would otherwise overwrite the file Letter.doc. For practice, enter "No". A file chooser window allows you to name the output plaintext file. The default filename is often convenient.

Select the "Encrypt null file" menu item and note that a dated Null file appears on the Desktop. Select the "File decrypt" menu item and choose the null file. A notice window explains that the decrypted file was a null file and that it has not been written.

File cryptography options

Perhaps the most important fields in this dialog are the "Input directory" and "Output directory" fields for each command. The "Input directory" field contains the initial input directory for the command. If the users moves to another directory with the input file chooser, this field is modified. The "Output directory" is where files from the command are put, usually without offering a choice. The "Output directory" can only be modified from this dialog. If you "lose" an output file by either command, look at the dialog to see where the file went.

Several options increase security, but should be tried only after experience.

• Ask to delete input plaintext: When this box is unchecked, plaintext files are left as-is on your machine. If this is a hazard, check the box and a prompt to delete the palintext file will be made after encryption. If you accept the delete, the file will be thoroughly deleted. Be careful!
• Hide file names: When this box is unchecked, ciphertext files have the same name as the corresponding plaintext files, but with a .bin extension. This isn't usually good practice. Checking the check box will result in ciphertext files having names of the form aaaaaaaaaa.bbbbbbbbbb.bin where the a and b sequences are random characters from a ... z. Because of the Daisy system, the same plaintext will produce different file names at different times.

  Include cipher hash at start of filename Checking this box will pre-append a hash of the cipher keys name to the ciphertext filename. This is convenient if you use different keys and can't remember which key to use on a given ciphertext. It's an asset to an cryptanalyst, too. You can provide you own text for this purpose by placing the text within square brackets in the key name, i.e. My key [Carrot] as a key name will produce Carrot.aaaaaaaaaa.bbbbbbbbbb.bin ciphertext files.

• Output file extension: This field contains the file extension for ciphertext files. It's usual value, .bin, is convenient, yet can be changed. The ciphertext file extension should be different from the extension of files you're likely to want to encrypt and should not be changed very often! For example, if you expect to encrypt .bin files, you might want to have .zip or .daisy extensions. Text extensions, such as .txt, will cause problems in inter-system transfers and should be avoided. The output file extension can be set empty, however, this impedes the drop file option described later and may cause confusion in ftp transfers.

File drop feature

Note that the background color and the text message at the bottom of the window have changed.

Here the locked key "Key - 20 Aug 2002 [myggu]" has been selected, as indicated by the light blue background. (The File drop feature follows the same procedures for placing the output files as in the "Encrypt file" and "Decrypt file" commands.) Now if the two files Something.doc and Another.doc are grabbed and dragged to the yellow portion of the Item manager window, then they will be encrypted. First, the following window pops up, however:

When the button "No" is pushed the result of the drop, is:

The location of the result on the screen will almost certainly be different. (Here the file extension ".daisy" has been assigned to a key chain icon.)

Similarly, if a group of encrypted files, that is, files with the ".daisy" extension, are dragged to the yellow portion of the Item manager window, then the files will be decrypted using the selected key.

The file drop feature works on any number of files, but each drop does either encryption or decryption of all the files. That is, for encryption none of the files may have a ".daisy" extension. For decryption all the files must have a ".daisy" extension. A drop of a mix of files with the ".daisy" extension and other files yields a warning note.

Options tab of the Help window

The Options tab in the Help window allows changes in system appearance and window delays.

Changes in settings are made ONLY when the "Save settings" button is pressed. Pressing "Done" does NOT change the settings.

Here are two Appearance panel settings of interest:

• Show file target: When checked (default) a combination lock target for clicking and opening the default archive file is displayed. Unchecking this box gives a more compact display which requires using the File command to open the archive.
  

• Show tip: When checked (default) a tool tip is shown when the mouse enters the combination lock target. Sophisticated users find this annoying and will want to uncheck this box.

If you get everything out-of-order by playing with the Options tab, push the "Reset defaults" button to get back to start. Fortunately, actions in the Options tab have no effect on an archive file.

To maintain assorted system parameters, such as those on the Options tab, the program maintains a constants file called Spa.X.Y.ini in your home directory. This file contains no password information (It does contain the names of the archive files, however.) and can be written as a text file Spa.ini.txt in your home directory by pushing the "List settings" button. FileHash and Trap produce settings files FileHash.X.Y.ini and Trap.X.Y.ini respectively.

Daisy cryptosystem

The Daisy cryptosystem serves as a wrapper for the particular Rijndael cipher described above. Cipher block chaining (CBC) is a common example of a wrapper for a block cipher. The Daisy wrapper increases security over an electronic codebook (ECB) application of the cipher. Spa encrypted files can not be decrypted directly with a Rijndael block cipher, even with the correct key, because of the Daisy wrapper.

The strength of files encrypted with Daisy depends on the length and randomness of the particular passwords used. The minimum acceptable password for an archive or external file for Daisy encryption must have at least 10 non-blank, non-control characters. The recommended password size for archive files is 15 - 20 characters derived from Trap. For file encryption 100 character keys derived from Trap are recommended. If these recommendations are followed classic cryptanalysis of encrypted files is infeasible. Burglary, TEMPEST, and "Magic Lantern" attacks are more feasible approaches to getting your data.

Practically, the user must be aware of the following characteristics of the Daisy cryptosystem:

• Output size: To conceal the length of the plaintext message, the length of the ciphertext is filled in to be a multiple of the "Output size". The "Output size" parameter for encryption of archive and external files is set independently. The recommended choice for "Output size" is about twice the size of the average input plaintext. When Spa closes an archive file, the size of the plaintext file is printed to System.out.

  The current "Output size" for a Spa archive is 1 MByte. The default "Output size" for file encryption is 100 kBytes and should be increased if files longer than about 75 kBytes are encrypted.

• Time variability: Daisy incorporates the local time (in milliseconds) into the encryption process. Therefore, the same plaintext encrypted at different times will have a different ciphertext. This is true of empty plaintexts, too.

• Internal checksum: Daisy incorporates an internal checksum which is checked on decryption. If no error messages arise in a decryption, the decrypted plaintext is exactly the same as the encrypted plaintext.

© C. V. Kimball 2007