Hi,
I have developed a FOSS program that ciphers data. Target audiences are groups of non-tech savvy activists, not able or not willing to use programs such as Kleopatra or Veracrypt, that need to protect highly sensitive data that needs to be accessed after an unknown amount of time (could be weeks or months, i.e. only in case of emergency). An example is antirepressive files in case of arrest, that provide the arrestee’s colleagues with instructions on the arrestee’s needs (medication, pets to take care of, lawyer to contact etc.). In this example, threat actors are primarily authoritarian governments.
The program consists of a serverless HTML file intended to be used in Tails in the Tor Browser, and it offers a symmetric and an asymmetric cipher mode, and an asymmetric cipher mode that includes Shamir’s secret sharing for the decipher key.
It also has some extra features such as the option to export and import data from/to QR codes, and set default text fields (among others). The collective asymmetric cipher mode (the one with Shamir’s secret sharing), as you can see in the docs, is made to target the threat vector of police infiltrators or collaborators.
I have detailed the cryptographic processes as diagrams and other info in the repo:
https://0xacab.org/gilare/cinf/-/blob/no-masters/docs/asymmetric-collective.md
https://0xacab.org/gilare/cinf/-/blob/no-masters/docs/asymmetric.md
https://0xacab.org/gilare/cinf/-/blob/no-masters/docs/symmetric.md
The program is meant to be used collectively: e.g. a group of activists manage their files through a single key pair.
It would be awesome if somebody could take a look at the cryptographic processes and provide feedback; the last thing I want to do is provide insecure software to my friends and other activists, and I want to make sure I have not made a mistake somewhere. This is not the first review iteration, but I just want to be completely sure before I mark my software as production ready.
If you know somebody that has the needed knowledge to review this I would greatly appreciate it if you could ask them to take a look <3
I’m not able to comment on the software itself, I’ll leave that to someone with more development experience.
It would be awesome if somebody with experience could take a look at the cryptographic processes and provide feedback
As far as security goes, someone with experience would recommend not using software made by someone without experience. There are existing, simple to use tools, which are regularly audited by teams of professionals and their efficacy is attested to by the valuable secrets that they protect.
If you need to encrypt files with a symmetric key, you can use gpg.
gpg -c --cipher-algo AES256 file.txt
Then share the password with your friends.
To decrypt:
gpg --decrypt file.txt.gpg > file-decrypted.txt
This has the additional advantage of being a standard part of almost every Linux install so its presence is less suspicious than a custom encryption package.
Hi! :) Just as clarification, I do have experience, but I think such software should be externally reviewed by more people instead of just trusting the developer and their knowledge. However, something I do not have experience with is developing code that is free and open source, so that’s maybe where my somewhat confusing statement came from ':) (edited it to be clearer). One thing is to program stuff that isn’t really important to get paid, and the other thing is wanting to double, triple and quadruple check so you don’t create a security risk for your friends and other like-minded people.
Yeah gpg is super powerful and simple to use if you are comfortable in the terminal, but at least a lot of people that I know would never do this.
As I say in the repo, the program is not meant to replace Veracrypt or Kleopatra (or terminal based gpg), but to be a viable option if the user is not comfortable with anything else, which would be the case for many of the people that I know.
It also incorporates some features that would otherwise be needed to be done separately in tedious processes (e.g. the program protects file names, includes sss directly into the cipher/decipher pipeline, print options and more).
But yeah, it is kind of in a niche I guess.
Brb heading to the local group home to retrieve my r-word pass

