104 replies to this topic

[v77]

Hi v77,
I have been playing around with this tool and investing if it is possible to have ProxyCrypt working with dynamic disks as ImDisk Toolkit is working with dynamic memory for ramdisks?

 

What do you think? Is it possible?

My plan is to exchange the software Folderlock from www.newsoftwares.net with ImDisk and make it portable.

But the last piece is that folderlock has the ability for encrypted dynamic storage.

 

Thanks in advance.

 

So, you mean an encrypted image file that would grow depending on the use of the volume space? Sorry but there is currently not such feature in ProxyCrypt.

It might be interesting though. Theoretically, it's not extremely difficult to implement, if we restrict this to image files without the use of an offset. But this would still require some work and with what I already have in mind for ProxyCrypt, you should not rely on this before a long time.

[zaxie]

So, you mean an encrypted image file that would grow depending on the use of the volume space? Sorry but there is currently not such feature in ProxyCrypt.

It might be interesting though. Theoretically, it's not extremely difficult to implement, if we restrict this to image files without the use of an offset. But this would still require some work and with what I already have in mind for ProxyCrypt, you should not rely on this before a long time.

 

Yes, that is exactly what I'm asking for, I have tried to see if it is possible to extend the current ProxyCrypt with this but its is easier to ask first if it is possible before any work starts.

Can you tell what you have are planing for the future of ProxyCrypt ? :-)

 

Thanks!

 

[v77]

Can you tell what you have are planing for the future of ProxyCrypt ? :-)

 

2 new ciphers. I prefer to not tell what they are, because this kind of thing can be discussed endlessly. But the 3 current ciphers are a bit old, and even if the cryptanalysis has shown no usable weakness, some people do not trust what it is related to US organizations (such as NIST). Other people also think that we should have a cipher based on different methods.
I started the work on one of them, but because of the differences with the 3 current ciphers, their integration into ProxyCrypt will take some time.

And to speak frankly, I am currently focused on ImDisk Toolkit with a new improvement that has taken a lot of time, but fortunately, it should be ready soon. But I can come back right away to ProxyCrypt if there is something to fix or a feature very easy to implement.

[anton_z]

Hi there.

I spent a few hours, but did not understand - can I use proxycrypt with dynamic multipart vmdk file image? ImDisk Toolkit and Arsenal Image Mounter correctly mount this image, but how to do it through the proxycrypt?

Thank you.

[v77]

Hi there.

I spent a few hours, but did not understand - can I use proxycrypt with dynamic multipart vmdk file image? ImDisk Toolkit and Arsenal Image Mounter correctly mount this image, but how to do it through the proxycrypt?

Thank you.

 

No, an image file mounted by ProxyCrypt is directly handled by it.
With ImDisk Toolkit, a vmdk file is handled through the DiscUtils library, but ProxyCrypt does not handle this library. It just reads and writes a file directly.
When you are using ProxyCrypt, ImDisk is only used to create the drive letter and pass the read/write requests from the system to ProxyCrypt. But the one that writes into an image file or directly into a hard drive, it's ProxyCrypt.

[anton_z]

So, if imdisk will have native support vmdk image file, the proxycrypt will work?

[v77]

So, if imdisk will have native support vmdk image file, the proxycrypt will work?

 

As I said, it's ProxyCrypt that writes into the image file. The ImDisk driver knows nothing about that. A diagram could be:

system <-> imdisk <-> proxycrypt <-> image file

So, it would require a support from ProxyCrypt.
But I don't understand what you are trying to do. If you want to encrypt the content of a virtual machine, it would require either that the virtual machine itself writes encrypted data into the vmdk file, or to have an application that encrypt/decrypt a file after the use of the virtual machine. But in both cases, ProxyCrypt can do nothing.

[anton_z]

I have an idea to use multipart disk image consisting of many small files ( for example 64mb one file * 100 files = 6400 mb whole disk) for store my private data in encrypted virtual disk in a cloud (for example DropBox).

[friske]

when ProxyCrypt solves the password successfully console remains active. you can add a switch to return the cursor to the console?

[v77]

when ProxyCrypt solves the password successfully console remains active. you can add a switch to return the cursor to the console?

 

A console application cannot return as long as the process is active.
An application that returns after being started is a windows application.
The difference is done through a flag in the executable and cannot be changed.

However, a funny trick is to use the -run option of ProxyCrypt to run another instance of cmd.exe inside the same console:
ProxyCrypt32.exe -f ImageFile -run cmd ""
But the downside is that you have an extra process of cmd.exe.

[friske]

Do it is possible?: dos launch proxycrypt proxycrypt authenticate if ok proxycrypt create other proxycrypt istance to handle file crypted main proxycrypt end and return to dos.

[v77]

Do it is possible?: dos launch proxycrypt proxycrypt authenticate if ok proxycrypt create other proxycrypt istance to handle file crypted main proxycrypt end and return to dos.

 

Yes, it can work, but what about error messages to display? If I try to use the console, it can interfere with programs executed later. And if I use message boxes, can we still consider it as a console application?

Anyway, as a reminder, the window of the console can be closed without killing the ProxyCrypt process.

[Ilya]

Hi

environtment: server 2012, proxycrypt 1.7.6, imdisk  1.9.2

 

C:\>proxy -l

Drive 0:  1863 GB              [0 - 2000404086783]

 -partition 1:   350 MB        [1048576 - 368050175]

 -partition 2:   194 GB  (C:)  [368050176 - 209716248575]

 -partition 3:   200 GB  (D:)  [209716248576 - 424464613375]

 -partition 4:  1467 GB        [424464613376 - 2000403038207]

 --partition 5:  1024 GB  (R:)  [424465661952 - 1523977289727]

 --partition 6:   200 GB  (E:)  [1523978338304 - 1738726703103]

 --partition 7:   243 GB  (F:)  [1738727751680 - 2000403038207]

 

Drive 1:  7728 MB              [0 - 8103395327]

 -partition 1:  7727 MB  (G:)  [1048576 - 8103395327]

 

creating container in file:

C:\>proxy -c 100m -f F:\test
AES instructions detected.
Uses 8 threads for encryption/decryption.
Total size: 104 857 600 bytes.
104 857 600 bytes used from offset 0.


-Enter size of the encrypted volume (20 KB - 102396 KB).
 Use k, m, g, or t as suffix.
 0 and negative values have the maximum available as base.




-Select encryption algorithm.
 Use commas to combine up to 3 ciphers
 (e.g. 2,1 decrypts first with Serpent, then with AES)
1: AES
2: Serpent
3: Twofish


Unrecognized value. AES selected by default.


-Select password hash algorithm.
1: Whirlpool
2: SHA-3-512


Unrecognized value. Whirlpool selected by default.


Enter password:
*
Confirm password:
*
Creating master keys...
Hashing password...
Volume created successfully.
Encrypted volume of 104 853 504 bytes at offset 4 096.


Creating device...
Connection on object 2814544cbef9e3.
Created device 1: H: -> 2814544cbef9e3
Notifying applications...
Done.

everything is OK. encrypted disk is mounted, formated with no errors.

 

now trying to create container on flash disk using disk|partition|offset:

C:\>proxy -c -d 1 -p 1 -o 1g
AES instructions detected.
Uses 8 threads for encryption/decryption.
MBR detected.
Partition 1 used.
Total size: 8 103 395 328 bytes.
8 102 346 752 bytes used from offset 1 048 576.

-Enter size of the encrypted volume (20 KB - 6863868 KB).
 Use k, m, g, or t as suffix.
 0 and negative values have the maximum available as base.
100m

-Select encryption algorithm.
 Use commas to combine up to 3 ciphers
 (e.g. 2,1 decrypts first with Serpent, then with AES)
1: AES
2: Serpent
3: Twofish

Unrecognized value. AES selected by default.

-Select password hash algorithm.
1: Whirlpool
2: SHA-3-512

Unrecognized value. Whirlpool selected by default.

Enter password:
*
Confirm password:
*
Creating master keys...
Hashing password...
Volume created successfully.
Encrypted volume of 104 857 600 bytes at offset 1 074 794 496.

Creating device...
Connection on object 28167270464137.
Created device 1: H: -> 28167270464137
Notifying applications...
Done.

disk created and mounted. but when i'm trying to format it, i get error:

%Write error: 0 / 8192 bytes at offset 1074790400.
%Write error: 0 / 512 bytes at offset 1074794496.
%Write error: 0 / 512 bytes at offset 1179651584.
%Write error: 0 / 512 bytes at offset 1074795008.
%Write error: 0 / 512 bytes at offset 1074795520.
%Write error: 0 / 512 bytes at offset 1074796032.
%Write error: 0 / 512 bytes at offset 1074796544.
%Write error: 0 / 512 bytes at offset 1074797056.
%Write error: 0 / 512 bytes at offset 1074797568.
%Write error: 0 / 512 bytes at offset 1074798080.
%Write error: 0 / 512 bytes at offset 1074798592.
%Write error: 0 / 512 bytes at offset 1074799104.
%Write error: 0 / 512 bytes at offset 1074799616.
%Write error: 0 / 512 bytes at offset 1074800128.
%Write error: 0 / 512 bytes at offset 1074800640.
%Write error: 0 / 512 bytes at offset 1074801152.
%Write error: 0 / 512 bytes at offset 1074801664.
%Write error: 0 / 512 bytes at offset 1074802176.
%Write error: 0 / 512 bytes at offset 1074802688.
%Write error: 0 / 512 bytes at offset 1074803200.
%Write error: 0 / 512 bytes at offset 1074803712.
%Write error: 0 / 512 bytes at offset 1074804224.
%Write error: 0 / 512 bytes at offset 1074804736.
%Write error: 0 / 512 bytes at offset 1074805248.
%Write error: 0 / 512 bytes at offset 1074805760.
%Write error: 0 / 512 bytes at offset 1074806272.
%Write error: 0 / 512 bytes at offset 1074806784.
%Write error: 0 / 512 bytes at offset 1074807296.
%Write error: 0 / 512 bytes at offset 1074807808.
%Write error: 0 / 512 bytes at offset 1074808320.
%Write error: 0 / 512 bytes at offset 1074808832.
%Write error: 0 / 512 bytes at offset 1074809344.
%Write error: 0 / 512 bytes at offset 1074809856.
%Write error: 0 / 512 bytes at offset 1074810368.
%Write error: 0 / 512 bytes at offset 1074827264.

and system error message "Windows was unable to complete the format disk".

any ideas? 

[v77]

Thanks for this detailed report.
Starting from Vista, you cannot write on a volume in use (unless there is no active file system).
There is a few things I have not yet tested though, but for now, this is the expected behavior.

[friske]

Do it is possible to add a option to start ProxyCrypt whitout mask the password?

[v77]

Do it is possible to add a option to start ProxyCrypt whitout mask the password?

 

You can already do that by pressing the Tab key (this is written at the end of the syntax help).

[friske]

I know this, but i every are in sure place and I'd rather have the opportunity to avoid always press tab. I would like to add an option to the startup in batch file.

[v77]

I know this, but i every are in sure place and I'd rather have the opportunity to avoid always press tab. I would like to add an option to the startup in batch file.

 

OK I understand. It's very easy to do.
However, to avoid keeping the password in clear in memory, it will be still hidden when you press enter.

By the way, I will also add an option to select the alternate input method (which currently requires to enter an empty password).

[friske]

By the way, I will also add an option to select the alternate input method (which currently requires to enter an empty password).

 

- added options to change default behavior of password prompt

ty

[janbe]

Hello v77,

 

I wonder if you can tell us if your software is safe to use even when pass.ware tries to decrypt it?

Do you have any idea about this?

 

Kind Regards

janbe

[v77]

Hello v77,

 

I wonder if you can tell us if your software is safe to use even when pass.ware tries to decrypt it?

Do you have any idea about this?

 

Kind Regards

janbe

 

Well, I don't know this software, so I just read a few things. It looks rather serious.
There would be far too much things to say...

Of course, there is always the hiberfil.sys file, which is a big issue for any encryption software and that should be disabled. And since ProxyCrypt is a user-mode process, another process with administrative privileges could open the ProxyCrypt process and explore its content... But of course, this requires that someone has written a specific attack, which would likely work against only a specific version of ProxyCrypt. And this also requires that the user gives administrative privileges to any software... I can do nothing against those who read nothing.

Anyhow, I try to apply all the good practices I know and that is all I can provide!

About Passware, I doubt that its author has developed an attack against the unpopular ProxyCrypt (and for what I can read here, it's indeed not the case). But even if this was the case, unless using the possibilities previously mentioned, if he try to do a brute-force attack, this could take a lot of time, much more than with TrueCrypt, thanks to the scrypt key derivation function.

[janbe]

Hello,

 

thanks, that is just what I hoped to get answered.

I really like your software and when I am a bit more liquid I will donate for you.

Please continue your good work :-)

 

Kind Regards

[friske]

When i mount in Win7 x64 (no problem in xp) i obtain:

"Do you want to scan and fix ...?"

If i scan obtain:

"windows has unable to complete the disk check."

How avoid it?

[v77]

When i mount in Win7 x64 (no problem in xp) i obtain:

"Do you want to scan and fix ...?"

If i scan obtain:

"windows has unable to complete the disk check."

How avoid it?

 

Is this related to the new version?

Anyhow, it seems that the volume is corrupted. I assume you have copied an image file from your XP to your 7. Did you check whether the new image file is identical to the original? And did you try the chkdsk command?

[friske]

Last version.

I have used same image in win7 from xp.

"Windows has checked the file system and found no problems"