On 05.09.2013 21:03, Paul E. Jones wrote:
How about a way to verify one's knowledge of a key without doing the actual bulk decryption?
AES Crypt already does that. The key/password decrypts a block of data that contains the "real" initialization vector and key used to do the bulk encryption. So, if you enter the wrong password for a 4GB file, it will not have to decrypt the entire 4GB file.
Suppose I have an .aes file and I would like to answer the question "Does this file have the password that I think it has?" without actually decrypting the file.
One has to do some decryption to get that answer, but it's fairly minimal.
I basically got this all working in a satisfactory way; just some minor tweaks are needed. Now when you right-click in Windows Explorer on one or more .aes files, you get two AES menu items: AES Decrypt and AES Check. (For non-crypted files, you get just AES Encrypt, as usual.) AES Decrypt is the same as before. AES Check brings up nearly the same password dialog as decrypt, except that the title is different and there is an extra checkbox to optionally verify the integrity of the file. If you checkbox the verification option, then the program goes through the full decrypt and HMAC verification. In both cases, failure invokes the existing logic and its error messages. Success brings up confirmation messageboxes informing the user that the password is okay, or that the file appears to be unaltered. What I have left to do is to automatically dismiss the progress bar dialog when verification is done. Right now, I get the success message box bubbling up, while the progress bar still continues moving for a fraction of a second in the background, and remains visible until the success message box is dismissed.
More options = more complexity and people get confused. A much easier way to see if a file is valid or not is to do an SHA-1 or SHA-256 hash over the file. I do precisely that when I archive files in cloud storage. I encrypt files, record the hash (before and after encryption), and then archive the file. When I pull the file from storage, I can verify the hash is what I had recorded in my local database.
Now, that's a little more complex. But, you could do the same thing. Just produce hashes of encrypted files. Here are some SHA-1 tools to do that: http://www.packetizer.com/security/sha1/
But there is already SHA-1 hashing inside AESCrypt; there is value and simplicity in being able to just use that to check the file. More tools, extraneous files (or file properties) and manual steps are going to be daunting for the average end user, compared to having a simple, integrated way to do this.
Some of these things you want to do are interesting, but can easily be done with scripts at the Linux shell prompt.
This is obviously not easy for the average user who doesn't have a clue about Linux and shell scripting (and is on Windows anyway). The Windows Explorer integrated form of AESCrypt is very easy to use. Non-programmer type people can wrap their heads around it in the space of a 10 minute tutorial, and I think it is still that way with this check password/validate functionality. It can be easily explained as a "dry run" which just scans the file to check that it can be decrypted, as if the computer were doing it "mentally" without actually writing out the result to a file.
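The header-only password check discussed in this thread, as an added example that is not part of the original mail or of the AES Crypt source. It assumes the version 2 AES Crypt stream layout (extension blocks, 16-byte IV, 48-byte encrypted IV+key block, 32-byte HMAC-SHA256 over that block) and the 8192-round SHA-256 key derivation; the function names are hypothetical and the sample header is constructed. It does not cover the optional full-file integrity check, which needs a pass over all the ciphertext.

```python
import hashlib
import hmac
import io
import struct

# Assumption: version 2 AES Crypt stream layout; all names below are hypothetical.
def derive_key(iv: bytes, password: str) -> bytes:
    """8192 rounds of SHA-256 over digest || UTF-16LE password, seeded with the IV."""
    digest = iv + b"\x00" * 16
    pw = password.encode("utf-16-le")
    for _ in range(8192):
        digest = hashlib.sha256(digest + pw).digest()
    return digest

def read_exact(stream, n: int) -> bytes:
    data = stream.read(n)
    if len(data) != n:
        raise ValueError("truncated AES Crypt header")
    return data

def check_password(stream, password: str) -> bool:
    """Return True if the password matches; reads the header only, never the bulk data."""
    magic = read_exact(stream, 5)          # 'AES', version, reserved
    if magic[:3] != b"AES" or magic[3] != 2:
        raise ValueError("not a version 2 AES Crypt stream")
    while True:                            # skip extension blocks (zero length ends them)
        (ext_len,) = struct.unpack(">H", read_exact(stream, 2))
        if ext_len == 0:
            break
        read_exact(stream, ext_len)
    iv = read_exact(stream, 16)            # IV protecting the key block
    enc_iv_key = read_exact(stream, 48)    # encrypted "real" IV and key
    stored_mac = read_exact(stream, 32)    # HMAC-SHA256 over the encrypted block
    mac = hmac.new(derive_key(iv, password), enc_iv_key, hashlib.sha256).digest()
    return hmac.compare_digest(mac, stored_mac)

def build_sample_header(password: str) -> bytes:
    """Constructed test input: header only, placeholder bytes instead of real AES output."""
    iv = bytes(range(16))
    enc_iv_key = bytes(range(48))
    ext = b"CREATED_BY\x00example"
    mac = hmac.new(derive_key(iv, password), enc_iv_key, hashlib.sha256).digest()
    return (b"AES\x02\x00" + struct.pack(">H", len(ext)) + ext + b"\x00\x00"
            + iv + enc_iv_key + mac)

if __name__ == "__main__":
    sample = build_sample_header("correct horse")
    print(check_password(io.BytesIO(sample), "correct horse"))
    print(check_password(io.BytesIO(sample), "wrong guess"))
```

Because the header HMAC is computed over the encrypted key block, the check needs no AES operation at all, only the key derivation and one HMAC.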