add a filekey encryption

2005-07-05
2012-12-08
1 2 > >> (Page 1 of 2)
  • Nobody/Anonymous

    Add a filekey function for the password encryption.

    That is called a function, with which in place of or in addition to past password-encryption with any or of the program given file (file key) archives can be coded.

     
    • Nobody/Anonymous

      A such encoding would be an excellently idea.
      If I this understand properly a certain file would become the key the deciphering of so secure data.
      Neither WinZip or WineAce offers this function.

       
    • Nobody/Anonymous

      No password is used, but rather an any file for encoding the archive.  Similar to in following programs:
      - Discrib: http://amor.cms.hu-berlin.de/~ratjenar/
      - TSC FileKey 7.0: http://thp.gmxhome.de./software/filekey.zip
      - VSSCrypt: http://www.sichere-daten.de/VssCrypt.zip
      Nice idea.

       
    • norbert3

      norbert3 - 2005-07-12

      Nice idea!

       
    • Nobody/Anonymous

      ljfjtawed0876cshvl pwouwg86gwpu.

       
    • Nobody/Anonymous

      Additional filekey encryption in 7-Zip - this would be a great thing!
      Similar to in following programs:
      - Discrib: http://amor.cms.hu-berlin.de/~ratjenar/
      - TSC FileKey 7.0: http://thp.gmxhome.de./software/filekey.zip
      - VSSCrypt: http://www.sichere-daten.de/VssCrypt.zip
      and
      - DatInf Crypt Version 1.1.0: http://datinf.de/download/crypt.zip

      best regards

       
    • Nobody/Anonymous

      Why ?

       
    • Nobody/Anonymous

      An encryption better than in other progs - just do it !

       
    • Nobody/Anonymous

      Filekey encryption, that means: not a separated part of the program - but an included part.

       
    • Nobody/Anonymous

      You could really think once about this idea!

       
    • Nobody/Anonymous

      Will it ever give such a function?

       
    • Nobody/Anonymous

      I only want a short button (like WinRAR) for encryption!

       
    • Nobody/Anonymous

      With such method the user would have a personal and simple possibility of encryption.
      Somewhat unorthodox however quite conceivablly!

      Igor - is it possible or not?

       
    • Nobody/Anonymous

      File key encryption is nicely executed in the open source otfe program TrueCrypt v4.0. They have a pretty good explanation of it in their help file.

      BTW it is optional to use it. You can still use a password alone, file key alone, or a password and file key.

      I like it. It can offer extra security, with some more complications. It would probably be a large effort to program it.

      Also, you could get TrueCrypt and put your sensitive 7z files in it. OTFE (on the fly encryption) is worth a look if you're security conscious.

      -- tja

       
    • Nobody/Anonymous

      Add an mp3 decoder.
      Add a vector based graphic programme.
      Add a 5th wheel.

       
    • Nobody/Anonymous

      see:
      "PeaZip"
      http://sourceforge.net/projects/peazip

      There is a possibility to add a keyfile.

       
      • Giorgio Tani

        Giorgio Tani - 2006-12-27

        Hi, I think that two factor authentication with filekey encryption could be quite easy to add, in example in the easiest way the frontend program may just hash the keyfile and send the hash appended or prepended to the password (possibly encoding it in exadecimal to allow to treat it as a string). That will allow to sample entropy trough the whole file.
        A sort of convention would be needed to avoid different interfaces using different procedure to add the keyfile to the password, that would make those programs unable to decipher correctly each other's archives.
        Developers should agree on what hash has to be used, how it will be encoded as a string (to avoid issues, expecially for command line programs) and how it could be combined to the password; I would purpose hashing with Whirlpool, encode the hash as hexadecimal and append it to the password.
        It would not require any change in 7-Zip executables, only to the fronted ones.
        Anyway, it should also be noticed that to fully exploit the security margin given by filekey encryption it would be needed to use randomly generated keyfiles.
        With a mechanism as described any third part program may be used for generating those keyfiles, however developing such a program is not trivial and involves sampling various entropy sources (mouse, keyboard, disks, net etc), maintain a persistent entropy pool, perform a proper whitening of the samples etc...

         
    • Nobody/Anonymous

      The example batch file below will do that using 7za under Windows.
      It just reads the first line of any dropped file (text or binary) and allows adding an optional password.  The location of 7za.exe needs to be set in the batch file where indicated.

      To use the batch file, just drag a keyfile and drop it onto the batch file and then answer the prompts.

      EXAMPLE BATCH FILE FOLLOWS:

      @echo off
      :: This will read key from the first line of an existing keyfile dragged and dropped on this batch file
      :: and then will create/update an encrypted 7z volume from a user-input file
      :: or it will decypt a user-input file that ends in .7z.

      :: Set or change the location of 7za.exe after = in the next line
      set ziprog=c:\Program Files\7zip\7za.exe

      echo.
      set /p filekey= < %1
      echo Enter an optional password
      set /p pword= ?
      set key=%filekey%%pword%
      echo.
      echo  Enter target path\file
      set /p target= ?
      if %target:~-3%==.7z goto DECRYPT
      %ziprog% u -t7z "%target%.7z" -p%key% -uq3 -mx9 -mhe -ms=off  "%target%"
      echo.
      set /p stopper= Press ENTER to close this window . . .
      exit
      :DECRYPT
      echo.
      echo  Enter output directory
      set /p outdir= ?
      :: Change e to x in next line to extract to original path
      "%ziprog%" e -p%key% "%target%" -o"%outdir%"
      echo.
      set /p stopper= Press ENTER to close this window . . .
      exit

       
    • Nobody/Anonymous

      filekey encryption:

      why not calculate md5sum of your choosen file and put this in 7ip as password?
      This works for me.

       
    • Nobody/Anonymous

      If "filekey encryption" will come, it would be very useful
      to have the possibility to choose between a random keyfile and an personal keyfile (txt, jpg, doc, xls or any other format)!

      Then 7-Zip would be my favourite compression program!

       
    • Nobody/Anonymous

      see:
      "SAC FTP"
      Security related utils - Passwording, encryption, anti-hacking etc.

      http://sac-ftp.externet.hu/security5.html

       
    • Nobody/Anonymous

      Igor - could you add a "password button" in the 7-Zip GUI (like WinRAR) to remember the password temporarly (for the time, as the program is active)??!

      ___________________________________________________________________________________________

      PS:

      --->   Found a bug if using encryption: If opening encrypted archives   <---

      - no problems if using ZipCrypto or AES-256 for encryption of *.zip archives (if entering a wrong password for opening such archive, then it comes an error message)
      - no problem if using AES-256 (without the option "Encrypt file names") for encryption of *.7z archives (if entering a wrong password for opening such archive, then it comes an error message)
      - problem if using AES-256 (with the option "Encrypt file names") for encryption *.7z archives (if entering a wrong password for opening such archive, then it comes no error message)

      see also:
      the thread "unpacking encrypted 7z archive"
      http://sourceforge.net/forum/forum.php?thread_id=1654455&forum_id=45797

       
    • Nobody/Anonymous

      Filekey encryption - very good idea!
      Until now there is no other known compression tool which support this feature!

       
    • Nobody/Anonymous

      Hi Igor,

      please see:
      "DGCA (Digital G Codec Archiver) V1.10 for Windows95/98/Me/NT/2000/XP"
      Copyright (c) 2000-2006 SYN (Shin-ichi TSURUTA)
      http://www.emit.jp/dgca/dgca_e.html
      - (SelfExtractor 1,271,296byte): http://www.emit.jp/dgca/dgca_v110e.exe
      - (zip 1,474,525byte): http://www.emit.jp/dgca/dgca_v110.zip

      This archiver contains exactly the idea of a filekey encryption!
      But this program has the following disadvantage:
      It's perfectly unknown and unfortunately also not perfect!

      Igor - look at this tool and add such feature in 7-Zip!!!

       
    • Nobody/Anonymous

       
1 2 > >> (Page 1 of 2)

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks