tird 0.5.0

A tool for encrypting file contents and hiding random data among other random data

tird

tird (an acronym for "this is random data") is a tool for encrypting file contents and hiding random data among other random data.

Goals

• Providing protection for individual files, including:
  • symmetric encryption;
  • minimizing metadata leakage;
  • plausible deniability;
  • data hiding (prevention of detection).
• Keep it simple: refusal to implement functions that are not directly related to primary security goals.
• Providing a stable encryption format with no cryptographic agility for long-term data storage.

Cryptographic primitives

• BLAKE2b:
  • salted and personalized BLAKE2b as part of a key derivation scheme;
  • keyed BLAKE2b for data authentication.
• Argon2 memory-hard function for key stretching and key derivation.
• ChaCha20-IETF cipher for data encryption.

Cryptoblob structure

                     512B          0+B
                 +----------+---------------+
                 | comments | file contents |
                 +----------+---------------+
  16B     0+B    |     plaintext/payload    | 64B     0+B     16B
+------+---------+--------------------------+-----+---------+------+
| salt | padding |        ciphertext        | MAC | padding | salt |
+------+---------+--------------------------+-----+---------+------+
|  random bytes  |      random-looking data       |  random bytes  |
+----------------+--------------------------------+----------------+

Tradeoffs and limitations

• tird does not support asymmetric encryption and signatures.
• tird does not support file compression.
• tird does not support ASCII armored output.
• tird does not support Reed–Solomon error correction.
• tird does not support splitting the output into chunks.
• tird does not support low-level device reading and writing when used on MS Windows (devices cannot be used as keyfiles, cannot be overwritten, cannot be encrypted or hidden).
• tird does not provide a graphical user interface.
• tird does not provide a password generator.
• tird does not wipe sensitive data from the heap.
• tird can only encrypt one file per iteration. Encryption of directories and multiple files is not supported.
• tird does not fake file timestamps (atime, mtime, ctime).
• tird encryption speed is not very fast: up to 180 MiB/s (in my tests).

Warnings

• 🚩 The author is not a cryptographer.
• 🚩 tird has not been independently audited.
• 🚩 tird probably won't help much when used in a compromised environment.
• 🚩 tird probably won't help much when used with short and predictable keys.
• 🚩 Keys may leak into the swap space.
• 🚩 tird violates The Cryptographic Doom Principle.
• 🚩 tird does not sort digests of passphrases and keyfiles in constant time.
• 🚩 Development is ongoing, there may be backward compatibility issues in the future.

Usage

Just run the script, select the option you want and then answer the questions.

Requirements

• Python >= 3.6
• PyNaCl >= 1.2.0 (provides Argon2 KDF)
• PyCryptodomex >= 3.6.2 (provides ChaCha20 cipher)

Install

Install python3 and python3-pip (or python-pip), then run

$ pip install tird

Binary builds (made with PyInstaller) are also available (see Releases).

TODO

Write documentation.

Feedback

Test reports are welcome. Feel free to post any questions, feedback or criticisms to the Discussions.

License

This project is licensed under the terms of the Creative Commons Zero v1.0 Universal License (Public Domain Dedication).