Jump to content











Photo
- - - - -

ProxyCrypt

arsenal image mounter imdisk proxy encryption volume

  • This topic is locked This topic is locked
104 replies to this topic

#1 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 05 November 2013 - 08:42 PM

Project moved here.



#2 MichaelZ

MichaelZ

    Frequent Member

  • Team Reboot
  • 333 posts
  • Location:Braunschweig, Germany
  •  
    Germany

Posted 06 November 2013 - 02:10 PM

Hi v77,

 

what's the advantage of ProxyCrypt compared to TrueCrypt?

 

Many Greetings

MichaelZ



#3 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 06 November 2013 - 07:23 PM

The main feature that TrueCrypt doesn't have is to create an encrypted volume in the middle of an image file or even of a non-encrypted physical drive partition.
This is a form of steganography that gives different possible strategies compared with the "plausible deniability" of TrueCrypt (which is, in my opinion, not really steganography because a hidden volume can only be created inside a standard TrueCrypt volume).

There is also another advantage over TrueCrypt: it is very easy to compile (and so, to check or even to customise). No need to sign a driver (thanks to ImDisk), no need to download several hard-to-find softwares... This way, you don't have to trust me, which is good for this kind of software.

There is less obvious advantages, like the fact TrueCrypt leaves several informations in the registry or in the event logs, like the date and hour of each use of TrueCrypt. As far as I know, ImDisk doesn't write this kind of information. So, using ImDisk is not only a great help for me, but also a true advantage for the user.

About the security, ProxyCrypt could be also more robust against brut force attacks, because of the scrypt key derivation function. TrueCrypt uses PBKDF2, which is still secure, but easy to parallelize, which is not good with the capabilities of the current GPUs. Scrypt can be tuned to use as much as RAM (and CPU) than the user want, which increases a lot the hardware requirement. By the way, it is this function that uses 140 MB of RAM. I can reduce if it is really too much, but this will help the attackers. And for a new software, we should anticipate the future possible attacks and the hardware evolutions.

That said, there are also some things that I will never implement, like a GUI or the system encryption. I don't want to rewrite TrueCrypt, but rather to provide an alternative.



#4 bilou_gateux

bilou_gateux

    Frequent Member

  • Expert
  • 230 posts
  •  
    France

Posted 09 November 2013 - 03:59 PM

Just gave it a try.

 

Windows XP Professional w/ SP3

Latest available ImDisk 1.7.6

 

I created a 8Mb image:

ProxyCrypt32.exe -f %Temp%\imcrypt.img -c 8MB

Select encryption algorithm:

1: AES

Select password hash algorith:

1: Whirlpool

Enter size of the encrypted volume (28 KB - 8188 KB).

0

Enter password (press Tab to show/hide):

*******

Confirm password (press Tab to show/hide):

*******

Creating master keys...

Hashing password...

Encrypted volume of 8384512 bytes at offset 4096.

 

Creating device...

Connection on object ProxyCrypt253b1f.

Created device 2: G: --> ProxyCrypt253b1f

Notifying applications...

Done.

 

followed by blinking cursor after last output 'Done.'

 

How to get back to the prompt?



#5 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 09 November 2013 - 08:13 PM

How to get back to the prompt?

 

You can't, because the program can have to write other messages into the console.
However, when the process is not writing a message, it is "detached" from the console. This means that you can close the window without killing the process of ProxyCrypt.
The only way to retrieve the prompt of this console is to unmount the encrypted volume: like for any ImDisk volume, right-click on the drive letter and choose "Unmount ImDisk Virtual Disk"

(or in another console, type for instance the command imdisk -D -m G: ).

Anyway, thanks for testing. And be careful with this version: it can crash if you attempt to write several GB at once into an encrypted volume. This will be fixed in the next release.



#6 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 15 November 2013 - 11:01 AM

This 3rd beta version brings the compatibility with Arsenal Image Mounter. This was quite easy to implement because the shared memory protocol is the same.

There is several bugs that should now be fixed, and I am not sure to find out many other by myself. So, this could be the last beta version. All feedback will be greatly appreciated.



#7 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 28 November 2013 - 07:27 PM

Version 1.0.0
- major speed-up of Serpent, thanks to SSE2 optimizations
- security improvement: header backup is now done with a different salt
- security improvement: access date and write date of image files are now restored when exiting
- fix: an error occurred if no partition was specified and a MBR/GPT without partition was found, MBR/GPT is now ignored in this case
 

In order to confirm the correctness of the implementation of the scrypt key derivation function, I added in the source a SHA-256 function, because the official test vectors are only using this hash function. And it seems that all is working fine.
I also did tests on large amounts of data without finding problem.
So, I think it is time for the first stable release.

Some words about SHA3: I know that it is a bit early to implement it, but this is only a matter of months.
Even with the last email of John Kelsey on this subject, it seems difficult to know if SHA3 will be changed or not. The Keccak team are seemingly focusing on the performance of their function, while many people, including myself, prefer to keep the security given by the original submission.
So, here is my intention: if the original submission is kept, then there will be nothing to change. If the standard is made with something else (that is, something less secure), then I will keep the current implementation by changing only the name, because I want to keep the most secure possible version of this function.

Anyway, I hope this tool will be usefull.



#8 q8s5d4

q8s5d4
  • Members
  • 1 posts
  •  
    Argentina

Posted 11 January 2014 - 06:12 PM

How can I automatically mount a volume at windows startup?

Is it possible to put a password (or "key files" like in diskcryptor) on a usb key to be able to automatically mount a volume at windows startup?

#9 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 23 June 2014 - 12:10 PM

Perhaps I should have tell sooner that, but as I think that in most cases, some features are more an advantage for an adversary than for ourselves, e.g. "key files" of "plausible deniability", there is no plan about that.

 

 

Despite his number, this new version 1.5.0 is a major one (I have something else in mind for the version 2). Ciphers of cascade encryption can now be chosen freely, up to 3 ciphers. This means that the new created combinations will not be usable on previous versions. However, of course, previously created volumes are still recognized.

Another new feature is the ability to auto-dismount when system enters a suspended state (standby or hibernate). Unfortunately, starting from Vista, we have only 2 seconds to process the notification. This means that in a very few cases, ProxyCrypt could be still loaded when the suspended state happens. However, access to the encrypted data and sensitive data like encryption keys should always be removed.



#10 friske

friske

    Frequent Member

  • Advanced user
  • 244 posts
  •  
    Italy

Posted 05 November 2014 - 08:46 PM

I solved, excuse me.



#11 friske

friske

    Frequent Member

  • Advanced user
  • 244 posts
  •  
    Italy

Posted 05 November 2014 - 09:21 PM

 

create an encrypted volume in the middle of an image file or even of a non-encrypted physical drive partition.

How to do?

 

About 140 MB of RAM temporarily required for password checking

Why? I do not know of any other software that does this.
 

 

 -b    If backup_file does not exist, it will be created with the content of

What's backup_file?  how to use it?  I tried but it only removed the volume.

 

Thanks.



#12 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 05 November 2014 - 11:04 PM

How to do?

 

Simply with the -o switch. For instance, if you want that the encrypted data start after the first MB of a given file, you just have to add -o 1M to the command line.
 

 

Why? I do not know of any other software that does this.

 

Because of the scrypt key derivation function: it is designed to use as much as memory that we want in order to reduce to possibilities to use parallelized methods for brute-force attacks (for instance by using GPU for calculations).

 

 

What's backup_file?  how to use it?  I tried but it only removed the volume.

 

Each encrypted volume has a "volume header": this is a small block of data that contains several informations about the encrypted volume, including the master keys.
The master keys are used for the volume itself, while the header is encrypted with keys derived from the password: this is why you can change the password without re-encrypt all the volume, since only the header will be re-encrypted.

Of course, if for some reasons the header is modified, you will no longer be able to mount the volume, and so, all your encrypted data are lost.
To avoid that, you can create a backup of this header: with the -b switch, a new file will be created with the content of the header.

But I don't understand what you mean by "removed the volume". This option is not supposed to remove anything...



#13 friske

friske

    Frequent Member

  • Advanced user
  • 244 posts
  •  
    Italy

Posted 05 November 2014 - 11:16 PM

But I don't understand what you mean by "removed the volume". This option is not supposed to remove anything...

excuse me, i mean -b = "unmount the volume".

How to use -b?

ty :)



#14 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 06 November 2014 - 12:01 AM

 

But I don't understand what you mean by "removed the volume". This option is not supposed to remove anything...

excuse me, i mean -b = "unmount the volume".

How to use -b?

ty :)

 

 

Except with the auto-dismount feature, ProxyCrypt does not unmount any volume (unless there is a bug?).
-b is used before a volume is mounted, in addition to the other parameters, because it needs the password for accessing the content of the header and re-encrypt it.



#15 friske

friske

    Frequent Member

  • Advanced user
  • 244 posts
  •  
    Italy

Posted 06 November 2014 - 12:03 AM

What do I do with the backup file generated?



#16 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 06 November 2014 - 12:31 AM

What do I do with the backup file generated?

 

Well, what you want... :)

-b switch is used as well to save or to restore the header (depending if the specified file exists or not). So, once you got it, the same command will restore the header.

Note that if meanwhile you change the password, the one that will be asked is the one of the backup, because if you need to do that, it means that the current header is no longer working. So, you have to remember it. But of course, as a precaution, if the correct password is not given, the backup is not restored. After all, it would be useless without the correct password...

Note also that the saved header looks different because it is encrypted with a new "salt". However, when a header is restored, its content is copied as is.



#17 friske

friske

    Frequent Member

  • Advanced user
  • 244 posts
  •  
    Italy

Posted 06 November 2014 - 11:35 AM

 

The main feature that TrueCrypt doesn't have is to create an encrypted volume in the middle of an image file or even of a non-encrypted physical drive partition.
This is a form of steganography that gives different possible strategies compared with the "plausible deniability" of TrueCrypt (which is, in my opinion, not really steganography because a hidden volume can only be created inside a standard TrueCrypt volume).

 
I would like a detailed discussion of this topic.
In truecrypt if you ask me the password I give a for the fake volume but in which mode the ProxyCrypt protect?

#18 friske

friske

    Frequent Member

  • Advanced user
  • 244 posts
  •  
    Italy

Posted 06 November 2014 - 11:35 AM

The main feature that TrueCrypt doesn't have is to create an encrypted volume in the middle of an image file or even of a non-encrypted physical drive partition.
This is a form of steganography that gives different possible strategies compared with the "plausible deniability" of TrueCrypt (which is, in my opinion, not really steganography because a hidden volume can only be created inside a standard TrueCrypt volume).

I would like a detailed discussion of this topic.
In truecrypt if you ask me the password I give a for the fake volume but in which mode the ProxyCrypt protect?



#19 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 06 November 2014 - 02:21 PM

I would like a detailed discussion of this topic.
In truecrypt if you ask me the password I give a for the fake volume but in which mode the ProxyCrypt protect?

 

In the case you have to reveal your password, your adversary is a human. This means that being "plausible" is not enough. Even if your adversary cannot prove that there is a hidden volume, it will be obvious for him that there is a hidden volume, because this is one of the most known features of TrueCrypt.
You will just succeed to irritate him, and this will go against you. That's why I cannot accept such strategy. And that's why the "plausible deniability" will never be implemented in ProxyCrypt.



#20 friske

friske

    Frequent Member

  • Advanced user
  • 244 posts
  •  
    Italy

Posted 21 November 2014 - 07:05 PM

I really like ProxyCrypt.

The only thing I did not like it and mount it takes a lot of time and memory.

I know this depends on the security, but you can add an option to mount the file quickly without consuming RAM?



#21 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 21 November 2014 - 08:01 PM

I really like ProxyCrypt.

The only thing I did not like it and mount it takes a lot of time and memory.

I know this depends on the security, but you can add an option to mount the file quickly without consuming RAM?

 

Thanks for your interest.
Unfortunately, what you are asking means to bypass the security given by the scrypt key derivation function.
Using less RAM and CPU is possible but it means to reduce the security of this function.
Perhaps I have put the requirements a bit high, but for a new software, I wanted to anticipate the hardware improvements.

That said, the used RAM is freed after the password is accepted, and some softwares do the same without telling you...
About the required time, yes, 3 or 4 seconds on some laptops may seem lengthy, but when TrueCrypt was published, it took as much time on much machines...



#22 friske

friske

    Frequent Member

  • Advanced user
  • 244 posts
  •  
    Italy

Posted 22 November 2014 - 08:35 AM

About the required time, yes, 3 or 4 seconds on some laptops may seem lengthy, but when TrueCrypt was published, it took as much time on much machines...

In my pc it takes 25 seconds, do it is normal?



#23 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 22 November 2014 - 01:50 PM

In my pc it takes 25 seconds, do it is normal?

 

:eek:

Not really...
The scrypt function heavily uses SSE2 instructions. This excludes too old CPUs. This also means that the performances between 32 and 64-bit versions should be similar.
On a Core i7 2600k, it takes about 1 second. On a Core i3 380M, it takes 3-4 seconds.

2 threads are used to parallelize scrypt-Whirlpool and scrypt-SHA3, because we don't know in advance what is the used hash function. But CPUs with only 1 core and without hyperthreading are quite rare nowadays...

But even so, your result is rather surprising. May I ask you what is your CPU?



#24 friske

friske

    Frequent Member

  • Advanced user
  • 244 posts
  •  
    Italy

Posted 22 November 2014 - 03:32 PM

AMD Sempron SI-40
can affect password lenght or cascade encryption?



#25 v77

v77

    Silver Member

  • Team Reboot
  • 521 posts
  •  
    France

Posted 22 November 2014 - 04:29 PM

If we assume that the SSE2 hardware implementation of your CPU is as good as the one of the Core i3, given the fact you have only 1 core and 1 thread, and the frequency, it should take about 10 seconds.
But given the results we can find on http://www.cpubenchmark.net/ for one thread at the same frequency, the SI-40 is about 3 times less efficient than the i7 2600k.
So, finally, this is not so weird...

That said, it's still a bit disappointing because the core of the scrypt function does not access the RAM and uses only very simple instructions on integers.

Well... I would say that you have one of the worst CPUs able to run ProxyCrypt...

And making the scrypt parameters configurable by the user seems difficult because if there is several possible configurations, we need to test each of them.
So, I'm sorry but you should not expect major improvement on this point.

The password length should not affect noticeably the speed of scrypt.
About the cascade encryption, the best is likely to check that yourself with the integrated benchmark:
ProxyCrypt64 -bm

 

 

Edit:
In fact, there may be a possibility...
I could check the number of threads that the CPU is able to run, and if there is only one thread, I start the scrypt functions sequentially: first scrypt-Whirlpool, and if the password is incorrect, scrypt-SHA3. This way, if you use scrypt-Whirlpool, this might divide the required time by 2 because scrypt-SHA3 will not be computed. What do you think?

By the way, I would love to get the results of the benchmark on your machine... :)


Edited by v77, 22 November 2014 - 04:52 PM.






Also tagged with one or more of these keywords: arsenal image mounter, imdisk, proxy, encryption, volume

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users