Professional Encryption Software

Do you trust your encryption software?


Are you sure that your data is really encrypted?

How can you know that the program protecting your confidential information really encrypts your data with the declared algorithm and the declared key length? It is worth mentioning that the published source code of a program is NOT a guarantee of correct encryption unless you build the executables from the source files yourself (otherwise, you cannot be sure that the copy of the program you use works exactly as the published source code shows).

You can check the correctness of encryption with the simplest and most reliable method, which was designed specifically for such checking: compare the original text (the so-called "plaintext") and the resulting ciphertext, which the program produces from the plaintext, with the examples offered by the developers of the algorithms (these examples are called "test vectors").

Such test vectors are widely published, and you can find them on the Internet on the web sites of the authors of the algorithms. For example, you can find test vectors for the Blowfish algorithm on the site of the Counterpane Systems company (Bruce Schneier, the author of the Blowfish algorithm, is the president of this company): http://www.counterpane.com/vectors.txt. To perform such a test you will need any hexadecimal file editor (no special experience or knowledge is needed for this). You can download a free copy of a simple hexadecimal editor "MyLight" here.


Example of checking FineCrypt.

Let’s test the encryption with the AES algorithm in the Electronic Codebook mode. We use the MyLight editor in this example but you may use any other hexadecimal editor.

At the site of the National Institute of Standards and Technology (NIST) there are test vectors for the AES algorithm. You can download them in a single zip file from here: http://csrc.nist.gov/archive/aes/rijndael/wsdindex.html (on that page click the link "Test Values"). Here is one of these test vectors from the file "ecb_tbl.txt" (all values are hexadecimal):

 

Plaintext:  83 4E AD FC CA C7 E1 B3 06 64 B1 AB A4 48 15 AB
Key:        00 01 02 03 05 06 07 08 0A 0B 0C 0D 0F 10 11 12
            14 15 16 17 19 1A 1B 1C 1E 1F 20 21 23 24 25 26
Ciphertext: 19 46 DA BF 6A 03 A2 A2 C3 D0 B0 50 80 AE D6 FC

       

1. Create a new file in the hexadecimal editor. To do this, select the "File/New/New Binary File" menu item in the MyLight editor. After you have created the new file, make sure that there is a blinking cursor in the top left corner of the editor window, and then enter the plaintext exactly as shown in the test vector.

2. Select the "File/Save" menu item, choose a directory where you want to save the file and save the file as "aesp". Then select the "File/Close" menu item. Our plaintext is created.

3. Open the "Encryption preferences" dialog box. To do this, click the "Start" button on your taskbar and select the "Programs/FineCrypt/Encryption preferences" menu item. On the "Algorithms" page set "AES" as the encryption algorithm and "Electronic Codebook" as the encryption mode.

On the "General" page set the compression option to "Don’t compress".

4. Open Windows Explorer and go to the directory where you saved the "aesp" file. Right-click this file and choose "FineCrypt/Encrypt with key…" from the context menu. A dialog box will appear. Make sure that the current cipher is "AES", the current mode is "Electronic Codebook" and the length of the key is set to 32 bytes.

Enter the encryption key exactly as shown in the test vector. Below is a view of the "Enter Encryption Key" dialog box after that:

The ASCII symbols to the right of the hexadecimal values may look different on your computer. How the ASCII symbols look depends on the codepage of your computer, but for now this is not important.

This is the key for encrypting the plaintext. We do not change anything in the "initialization vector" editor window (below the "encryption key" editor window) because the initialization vector is not used in the Electronic Codebook mode.

Press OK to close the dialog box and after that press the "Encrypt" button and encrypt the file.

The process is finished. The test plaintext has been encrypted with the test encryption key and we just have to check whether the ciphertext in the file "aesp" corresponds with NIST’s ciphertext or not.

5. Go back to the hexadecimal editor. Choose "File\Open…"; go to the directory where the file "aesp" has been saved; in the "Files of type" combo box  select "All Files (*.*)", in the "Open as:" combo box select "Binary". Find the encrypted file "aesp" and open it.

If everything has been done correctly you will see the following picture:


The first 76 bytes are the file header. This header contains information about the algorithm and the mode used for encryption, whether the file was encrypted with a password or with the user’s encryption key, and whether the file was compressed before encryption or not. The header also contains the encrypted creation time and last write time of the original file, the encrypted size of the original file, the length of the name of the original file and the encrypted name of the original file with its relative path. If you are a registered user, send a request to support@finecrypt.net and we'll send you a detailed explanation of every byte in the file header.

The next 16 bytes (marked here with green) are the ciphertext. Compare them with the ciphertext from the test vector and make sure they are identical. This shows that the internal implementation of the algorithm fully matches the author’s scheme.

The last 4 bytes are the checksum of the file content, which is used to ensure that the file content is not damaged.

You can test all algorithms in all modes in the same way with the appropriate test vectors. To check FineCrypt in modes such as CBC, CFB and OFB, a fourth array, called the initialization vector, must be added. Keep in mind that the size of the file header changes together with the length of the name of the encrypted file. In our example the length of the file name was 4 bytes; if you encrypt a file whose name is 5 bytes long, the header will also be one byte longer. And do not forget to turn off compression before testing.
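The comparison in step 5 can also be scripted instead of read off the hex editor. The following is an added example, not FineCrypt's own code: it assumes only the layout described above (a 76-byte header for the 4-byte name "aesp", growing by one byte per extra name byte, then the ciphertext, then a 4-byte checksum), and the function names and sample file bytes are constructed for illustration.

```python
# Added example: check a FineCrypt output file against a known-answer vector.
# Layout taken from the page: header, ciphertext blocks, 4-byte checksum.

BLOCK = 16          # AES block size in bytes
TRAILER = 4         # checksum bytes at the end of the file, per the page
HEADER_FIXED = 72   # derived: 76-byte header minus the 4-byte name "aesp"

# Ciphertext of the NIST ecb_tbl.txt vector quoted on the page
EXPECTED_CT = bytes.fromhex("1946DABF6A03A2A2C3D0B05080AED6FC")


def split_container(blob: bytes, name_len: int):
    """Return (header, ciphertext, checksum) using the page's layout."""
    header_len = HEADER_FIXED + name_len
    if len(blob) < header_len + BLOCK + TRAILER:
        raise ValueError("file too short for header + one block + checksum")
    body = blob[header_len:len(blob) - TRAILER]
    if len(body) % BLOCK:
        raise ValueError("ciphertext is not a whole number of AES blocks "
                         "(wrong name length?)")
    return blob[:header_len], body, blob[-TRAILER:]


def check_vector(blob: bytes, name_len: int, expected: bytes = EXPECTED_CT):
    """Compare the stored ciphertext with the published one.

    Returns (ok, detail). On mismatch, detail says whether the expected
    bytes occur elsewhere in the file (header length assumed wrongly) or
    not at all (different algorithm, mode, key or compression setting).
    """
    _, body, _ = split_container(blob, name_len)
    if body == expected:
        return True, "ciphertext matches test vector"
    pos = blob.find(expected)
    if pos >= 0:
        wanted = HEADER_FIXED + name_len
        return False, f"vector found at offset {pos}, not {wanted}"
    return False, "vector not present in file"


# Constructed sample: placeholder header and checksum around the real vector.
SAMPLE = bytes(76) + EXPECTED_CT + b"\xAA\xBB\xCC\xDD"

if __name__ == "__main__":
    print(check_vector(SAMPLE, name_len=len("aesp")))
```

To check a real file, pass `open("aesp", "rb").read()` and the length of the original file name with its relative path.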

 

See also Peter Meyer's paper "An Introduction to the Use of Encryption".

 

 
 

Copyright ©2007 Crypto Systems Incorporated. All Rights reserved. Email: contact@crypto-systems.com