A tool for encrypting and hiding file contents among random data
Project description
tird
tird
(an acronym for "this is random data") is a tool for encrypting and hiding file contents among random data.
Features
- The result of encryption (mode 2) is PURB-like objects (call this "cryptoblob").
- Cryptoblobs are indistinguishable from random data.
tird
allows you to hide cryptoblobs among other random data (mode 6), use arrays of any other random data as containers for hiding cryptoblobs. Thus, deniable encryption is implemented.- Auxiliary modes (8 and 9) allow you to create arrays of random data: create files with random data (mode 8) and overwrite files or devices with random data (mode 9) for subsequent hiding of cryptoblobs.
tird
supports an unlimited number of passphrases and keyfiles for encryption.- Directories and devices can also be used as keys.
tird
allows you to add metadata (description) and an authentication tag to the encrypted file contents.- Any file larger than a certain minimum size is a valid
tird
cryptoblob: the use of any keys when decrypting will give some output with the resultOK
. tird
only provides symmetric encryption with stream cipher based on XORing plaintext with keystream blocks.- SHAKE256 XOF output is used to create keystream blocks (chunks of pseudo-random size are used mixed in a pseudo-random way).
- Presumably,
tird
can provide a key space larger than 256 bits: when constructing a keystream block, three different outputs of SHAKE256 are used, for which different parts of the key input are used. tird
is written in Python and uses only the Python standard library (hashlib
module and the hash functions:BLAKE2b
for files hashing,scrypt
as KDF,SHAKE256
for building keystrem blocks).tird
uses randomized padding with max size up to 20% (by default) of the message size.- When encrypting, you can set custom values for the block size of the keystream, number of rounds, derived keys length, metadata size, padding size, and enable debug messages.
tird
is a single Python file with no external dependencies.tird
has no config file and no command line options. Looking at the bash history will not provide information on howtird
was used.tird
can also be called software for steganography: a cryptoblob can be written over a flash drive or disk. Then the existence of a cryptoblob cannot be detected without statistical analysis to identify areas of high entropy (even this will only suspect, not prove the existence of a cryptoblob).- If random data is encrypted with default options (without MAC and metadata specified), then it is impossible to prove that this or that key was used for encryption: the decryption result will always be random data.
tird
does not report whether this or that decryption key is correct. If a MAC was added during encryption, then when using the correct key, it can be reported "MAC is valid: True". If the MAC was not added during encryption (this is the default behavior), then the only way to find out to pick up the correct key is to statistically analyze the output files.tird
does not force you to use any standard extension for output file names. The name of the output file is always set by the user.- Keyed
BLAKE2b
is used for creating message authentication code (MAC is not added by default). Adding a MAC will help you check the integrity of the data when decrypting. - The ability to almost unlimitedly increase the key space and the complexity of encryption/decryption when using custom options. You can set dk_len=2047M, keystrem_block_size=2047M, num_rounds=1000000. The downside of complexity is that the encryption/decryption rate is down.
Tradeoffs and limitations
tird
does not support asymmetric encryption and signatures.tird
does not support file compression.tird
does not support ASCII armored output.tird
does not support Reed–Solomon error correction.tird
does not support splitting the output into chunks.tird
does not support low-level device reading and writing when used on MS Windows (devices cannot be used as keyfiles, cannot be overwritten, cannot be encrypted or hidden).tird
does not provide a graphical user interface.tird
does not provide a password generator.tird
does not wipe sensitive data from the heap.tird
can only encrypt one file per iteration. Encryption of directories and multiple files is not supported.tird
does not fake timestamps (may be implemented in the future, but not yet planned).tird
encryption/decryption speed is relatively low (tens of megabytes per second in default settings).
Warnings
- The author is not an expert in cryptography.
tird
has not been independently audited.- Development is ongoing, there may be backward compatibility issues in the future.
tird
probably won't help much when used in a compromised environment.- Parts of the keys may leak into the swap space.
- A huge key space by itself does not give advantages when using short and predictable keys. It is recommended to use long and unpredictable key sets.
Cryptoblob structure
|----------------------------|
| file contents | metadata |
|----------------------------|-----|
| message | MAC |
|----------------------------------|
| plaintext |
|------------------|----------------------------------|------------------|
| salt_h | padding | ciphertext (plaintext^keystream) | padding | salt_f |
|------------------------------------------------------------------------|
| urandom data | encrypted data | urandom data |
|------------------------------------------------------------------------|
| random-looking data |
|------------------------------------------------------------------------|
Usage
Just run the script, select the option you want and then answer the questions.
$ tird
MENU
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
0. Exit 1. Get info
2. Encrypt 3. Decrypt
4. Hide 5. Unhide
6. Encrypt and hide 7. Unhide and decrypt
8. Create w/ urandom 9. Overwrite w/ urandom
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please enter [0-9]:
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
tird-0.2.0.tar.gz
(19.1 kB
view hashes)
Built Distribution
tird-0.2.0-py3-none-any.whl
(19.3 kB
view hashes)