MEMPERF - A real-life Memory Bandwidth Benchmark - bcopy style - self-compiling

Aleksander Lodwich, June 28th, 2022 aleksander[at]lodwich.net

Measure the real-life-relevant performance of your memory. Get the sources here.

Cryptonid - A stand-alone Program for Symmetric Encryption for Linux Mint 20.3

Aleksander Lodwich, Feb. 6th, 2022 aleksander[at]lodwich.net

The following program will perform symmetric encryption on files. The encryption algorithm is Cryptonid (i.e. not AES!).

About the Cryptonid algorithm:
The algorithm was designed to perform on-the-fly encryption/decryption even on a single random byte of data in memory, to provide inspection-resilient storage for software running on virtualized computers found in data centers, such as AMAZON. CRYPTONID is therefore a random access cipher, which classifies as neither a block cipher nor a stream cipher. The algorithm has no tuning parameters such as a cipher block size. However, the randomness can be increased by increasing the size of the random data buffer, at the cost of random access speed. There is no lower or upper limit on the password/key length.

The algorithm allows single values to be decrypted temporarily from otherwise permanently encrypted data structures. It can also write data to these encrypted data structures. A programmer can use the Cryptonid algorithm in the set/get methods of the classes belonging to a critical application core.

When properly used, only a small amount of plaintext data will be visible through inspection of the stack's memory range. This way, snapshots of the memory of virtualized computers reveal far less readable data. With proper measures, the random data used for the encryption can be hidden in a sea of other random data (this is the user's responsibility).

CRYPTONID can be used as a stream cipher, however. This can be used to further randomize data which is transported over channels protected with AES/RSA, when the involved security architecture is not fully trusted. Any small error in the key or any small stream manipulation will turn the output stream into noise.

The following program implements the algorithm for encrypting/decrypting files. When decrypting, any small defect in the password will make the algorithm generate another highly scrambled stream. Any encryption or faulty decryption yields highly randomized data histograms. This is true even for highly structured data or trivial passwords.

Histogram, exemplifying highly structured input

From this, the encryption algorithm will generate highly randomized output like this:

Cryptonid does not include fail/success information in the stream, so that a brute-force attack cannot be defined easily. The output files are exactly as long as the input.
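
The histogram and length properties described above can be checked on any input/output pair with a byte-frequency test. The following is an added example, not part of the original page or of the Cryptonid program. Because the Cryptonid algorithm is not given here, standin_stream_xor is a hypothetical SHA-256 keystream used only to produce constructed sample data.

```python
import hashlib
import math
import sys
from collections import Counter

def byte_stats(data: bytes) -> dict:
    """Summarise a byte histogram: Shannon entropy (bits/byte) and chi-square vs. uniform."""
    n = len(data)
    if n == 0:
        raise ValueError("empty input has no histogram")
    counts = Counter(data)
    entropy = -sum(c / n * math.log2(c / n) for c in counts.values())
    expected = n / 256
    chi2 = sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))
    return {"length": n, "entropy": entropy, "chi2": chi2}

def compare(plain: bytes, output: bytes) -> dict:
    """Check the two properties stated above: equal length and a flat output histogram."""
    p, o = byte_stats(plain), byte_stats(output)
    return {
        "same_length": p["length"] == o["length"],
        "plain_entropy": round(p["entropy"], 3),
        "output_entropy": round(o["entropy"], 3),
        # 255 degrees of freedom; the 0.1% critical value is roughly 330, so 400 is generous.
        "plain_looks_uniform": p["chi2"] < 400.0,
        "output_looks_uniform": o["chi2"] < 400.0,
    }

def standin_stream_xor(data: bytes, password: bytes) -> bytes:
    """Hypothetical stand-in, NOT Cryptonid: XOR with a SHA-256 counter keystream,
    used only to produce length-preserving sample output for this check."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(password + off.to_bytes(8, "big")).digest()
        out.extend(x ^ k for x, k in zip(data[off:off + 32], pad))
    return bytes(out)

# Constructed sample data: 64 KiB of highly structured text and two processed copies.
SAMPLE_PLAIN = (b"AAAA,0000,record\n" * 4096)[:65536]
SAMPLE_OUT = standin_stream_xor(SAMPLE_PLAIN, b"constructed-password")
SAMPLE_WRONG = standin_stream_xor(SAMPLE_OUT, b"constructed-passwore")  # one byte off

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py PLAINFILE OUTPUTFILE
        with open(sys.argv[1], "rb") as f, open(sys.argv[2], "rb") as g:
            print(compare(f.read(), g.read()))
    else:
        print("encrypted:", compare(SAMPLE_PLAIN, SAMPLE_OUT))
        print("wrong password:", compare(SAMPLE_PLAIN, SAMPLE_WRONG))
```

Run with two file paths to compare a real input file against the program's output. The check measures byte distribution only; a flat histogram is not by itself a measure of cipher strength.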

Compatibility: Linux Mint x64 - 20.3

Download: cryptonid.7z
MD5: eca2fb889befbc5d8e00f989b0293bb4
These are the dependencies, as identified from ldd:

This is the program's self-help:

Note: The program parallelizes its internal algorithm when encountering files larger than 25m Bytes.

Options

Examples of use:
cryptonid encrypt -i file.txt
cryptonid encrypt -i file.txt -o file.txt.ownextension
cryptonid encrypt -i file.txt -o OTHERNAME -p PASSWORD
cryptonid decrypt -i file.txt.cryptonized
cryptonid decrypt -i file.txt.cryptonized -o PLAINNAME
cryptonid decrypt -i file.txt.cryptonized -o OTHERNAME -p PASSWORD

It is possible to mass encrypt/decrypt:
cryptonid encrypt -i *
cryptonid decrypt -i *.cryptonized

end