Aleksander Lodwich, Dec. 27th, 2022 aleksander[at]lodwich.net
Measure the real-life-relevant performance of your CPU. Get the sources here.
Aleksander Lodwich, June 28th, 2022 aleksander[at]lodwich.net
Measure the real-life-relevant performance of your memory. Get the sources here.
Aleksander Lodwich, Feb. 6th, 2022 aleksander[at]lodwich.net
The following program will perform symmetric encryption on files. The encryption algorithm is Cryptonid (i.e. not AES!).
About the Cryptonid algorithm:
The algorithm was designed to perform on-the-fly encryptions/decryptions
even on a single random byte of data in memory to provide
inspection-resilient storage for software running on
virtualized computers found in data centers, such as AMAZON.
Therefore, CRYPTONID is a random access cipher, which classifies
neither as a block cipher nor as a stream cipher algorithm.
The algorithm has no tuning parameters such as a cipher block size.
However, the randomness can be increased when the random data buffer's size
is increased - at the cost of random access speed.
There is no lower or upper limit on the password/key length.
The algorithm permits temporarily decrypting single values from otherwise permanently encrypted data structures. It is also capable of writing data to these encrypted data structures. The programmer can use the Cryptonid algorithm in the set/get methods of classes belonging to a critical application core.
When properly used, only a small amount of plain text data will be visible through inspection of the stack's memory range. This way, taking snapshots of the memory of virtualized computers reveals far less readable data. Proper measures permit hiding the random data used for the encryption in a sea of other random data (this is the user's responsibility).
CRYPTONID can be used as a stream cipher, however. This can be used to further randomize data that is transported over channels protected with AES/RSA when the involved security architecture is not fully trusted. Any small error in the key or any small manipulation of the stream will turn the output stream into noise.
The following program implements the algorithm for encrypting/decrypting files. When decrypting, any small defect in the password will make the algorithm generate another highly scrambled stream. Any encryption or faulty decryption yields highly randomized data histograms. This is true even for highly structured data or trivial passwords.
Histogram, exemplifying highly structured input
From this, the encryption algorithm will generate highly randomized output like this:
Cryptonid does not include fail/success information in the stream, to prevent the easy definition of a brute force attack. The output files are exactly as long as the input.
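The random-access set/get pattern, the length-preserving output and the silent wrong-password behaviour described above can be sketched as follows. This is an added example, not the author's code and not the Cryptonid algorithm: it substitutes an HMAC-SHA256 counter keystream as a stand-in, and the class name EncryptedBuffer, the nonce and the sample data are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

BLOCK = 32  # keystream bytes produced per HMAC-SHA256 call


class EncryptedBuffer:
    """Buffer that stays encrypted in memory; get/set handle one byte at a time.

    Stand-in keystream, NOT Cryptonid: byte i comes from
    HMAC-SHA256(key, nonce || i // 32), so any offset is reachable directly.
    """

    def __init__(self, password: bytes, nonce: bytes, stored: bytes = b""):
        # Assumption: plain SHA-256 for brevity; use a slow password KDF in practice.
        self._key = hashlib.sha256(password).digest()
        self._nonce = nonce
        self.stored = bytearray(stored)  # ciphertext, same length as the plaintext

    @classmethod
    def encrypt(cls, password: bytes, nonce: bytes, plaintext: bytes):
        buf = cls(password, nonce, bytes(len(plaintext)))
        for offset, value in enumerate(plaintext):
            buf.set(offset, value)
        return buf

    def _keystream_byte(self, offset: int) -> int:
        counter = struct.pack(">Q", offset // BLOCK)
        block = hmac.new(self._key, self._nonce + counter, hashlib.sha256).digest()
        return block[offset % BLOCK]

    def get(self, offset: int) -> int:
        return self.stored[offset] ^ self._keystream_byte(offset)

    def set(self, offset: int, value: int) -> None:
        # Caveat of this stand-in: rewriting an offset reuses its keystream byte,
        # so two memory snapshots reveal old_value XOR new_value for that offset.
        self.stored[offset] = value ^ self._keystream_byte(offset)

    def decrypt_all(self) -> bytes:
        return bytes(self.get(i) for i in range(len(self.stored)))


# Constructed sample: highly structured input and a trivial password.
PLAIN = b"A" * 4096
NONCE = b"constructed-nonce"
buf = EncryptedBuffer.encrypt(b"password", NONCE, PLAIN)
wrong = EncryptedBuffer(b"passwore", NONCE, bytes(buf.stored))  # one-character defect
```

Decrypting through `wrong` raises no error and returns bytes that look as random as the ciphertext, which is the property the text relies on to deny an attacker a success signal; it also means a legitimate user gets no warning about a mistyped password.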
Compatibility: Linux Mint x64 - 20.3
Download: cryptonid.7z
MD5: eca2fb889befbc5d8e00f989b0293bb4
These are the dependencies, as identified from ldd:
This is the program's self-help:
Note: The program parallelizes its internal algorithm when encountering files larger than 25m Bytes.
Options
Examples of use:
cryptonid encrypt -i file.txt
cryptonid encrypt -i file.txt -o file.txt.ownextension
cryptonid encrypt -i file.txt -o OTHERNAME -p PASSWORD
cryptonid decrypt -i file.txt.cryptonized
cryptonid decrypt -i file.txt.cryptonized -o PLAINNAME
cryptonid decrypt -i file.txt.cryptonized -o OTHERNAME -p PASSWORD
It is possible to mass encrypt/decrypt:
cryptonid encrypt -i *
cryptonid decrypt -i *.cryptonized