Application Center - Maplesoft

App Preview:

Safe AES CBC mode directory encryption/decryption

You can switch back to the summary page by clicking here.

Learn about Maple
Download Application




hide/show description

 

 

 

 

© Czeslaw Koscielny 2012

Wroclaw University of Applied Informatics, Poland

e-mail: ckoscielny@horyzont.eu

 

Safe AES CBC mode directory encryption/decryption


Introduction

      Meaningful number of people believe that in AES  is a secret backdoor (e.g.  http://forums.hak5.org/index.php?showtopic=13355, http://www.infoworld.com/d/security/aes-proved-vulnerable-microsoft-researchers-170218). It may be supposed that the backdoor can be generated by the KeyExpansion routine and by the process of executing many times cryptographic transformations. As it is known, the element of the AES algorithm,  KeyExpansion routine, processes an entered by the user secret key of 4*Nk bytes, Nk equal either 4, 6 or 8 and generates an expanded key w containing 16*(Nr+1) bytes, Nr denoting the number of so-called rounds equal 10 if Nk = 4, equal 12 in case Nk=6 and equal 14 in case Nk is 8. Such intentional manipulation on the secret key can breed the elimination of many of its bytes, and the eliminated bytes of the secret key may be  replaced by the values known to initiates.  In the presented application this hypothetic  thread is entirely eliminated: the KeyExpansion routine is not used, the value of Nr is equal to 1, thus, the expanded key w contains 32 random bytes, dependent on the user password only. This way the presented implementation can be considered as a secure AES  with 256 bit key, which is many times more faster than the conventional algorithm.

How to use the application
      The worksheet secureaes.mw should be saved in the root directory of a flash disk, because  this flash disk will contain all data, needed for decryption process and after encryption/decryption operation it can be disconnected and stored in a secure place. After opening the document the user will see the window, allowing to pick the desired operation:

 

Fig. 1. The initial window of  the application

 

After clicking the button <Encryption>  the next window is displayed. In the first textbox an arbitrary password between quotation marks should be written down, and in the second the letter of a flash disk with the saved secureaes.mw worksheet.

 

Fig. 2. The window for starting the directory  encryption

 

It is possible now to select directory for encryption by clicking the button <Select directory> using the window, shown in Fig. 3.

 

Fig. 3. The window for picking the directory to encrypt

 

As can be seen, the directory G/p2c has been picked with the button <Select directory>. The selected directory should not contain subdirectories.  To perform the encryption the button <Encrypt directory> of the window from Fig. 2 should be activated.

 

Fig. 4. The window from Fig. 2 after executing the encryption procedure

 

After encryption, the directory contains the encrypted files and the plaintext files have been deleted. The name of an encrypted file is the concatenation of the plaintext file name and the extension saes.  In the flash disk F the file G__p2c_kf.cbc  has been saved, containing data  (password, initial cbc vector, etc.)  needed for decryption. It may be noticed that the name of this file begins with the information determining the encrypted directory.

     To decrypt the encrypted directory,  the flash disk with the application ought to be plugged in, and the worksheet   secureaes.mw opened in the Maple session. In the window as in Fig. 1. the button <Decryption> should be clicked, which makes an  appearance of the window shown in Fig. 5:

Fig. 5. The window starting operation of directory decryption

 

Clicking now  <Select *_kf.cbc file> button generates the window, Fig. 6, which allows to find the file with the name  *_kf.cbc, containing the data for decryption definite directory.

 

Fig. 6. The window for picking the *_kf.cbc file

 

By means of the button <select file>  the selection has been accepted.  The window from Fig. 6 vanish and to perform the decryption operation of the directory G:/p2k/_kf the button <Decipher directory>  must be clicked.

 

Fig. 7. The application window after performing the directory decryption

 

Legal Notice: The copyright for this application is owned by the author. Neither Maplesoft nor the author are responsible for any errors contained within and are not liable for any damages resulting from the use of this material. This application is intended for non-commercial, non-profit use only. Contact the author for permission i f   you wish to use this application in for-profit activities.

 

 

 

NULL