Bcrypt "bailing out"

[chiefengineer]

Since Truecrypt has been compromised (or at least discontinued) I thought I would try what my Pup Distro comes with: Bcrypt.

Interesting results:

1) Won't do a folder, so I tarred it. Won't do any kind of significant size I have (I presently have everything up to 60GB, which Truecrypt handles easily on the identical machine). Bcrypt says it can't allocate memory and bails out.

2) The real reason for my post: one of my passwords contains a special character Bcrypt appears to accept nicely then fails to decrypt with. Is this my machine? It is not in the documentation I read. The sad fact is the default is to encrypt the file in place so it was really, really gone. Is this my imagination or my machine? The character is "$". Perhaps it escapes or is interpreted incorrectly? Truecrypt and (now I compiled Scrypt) handle this without issue. It took some meticulous sleuthing on the command line to support this hypothesis, because it appeared to handle the character accurately a couple times, then never again.

Anyway, still looking for a good cross-platform Truecrypt substitute!

Thanks...

[SFR]

The character is "$".

bcrypt itself is ok, it's bcrypt_gui's issue.
Try the attached one. Should work fine with literally every character now, I tested it with this:
* ` !@#$%^&*()_+}{][|":\';/.,?>< ☀☒♚♛♩⚆⛧☢☠Ɐ

EDIT: the modified bcrypt_gui I attached at first, comes from Slacko-5.7.0 and won't work in older, pre-WOOF-CE Puppy versions, due to lack of /usr/lib/gtkdialog stuff.
So I modified and attached also the legacy one.

HTH
Greetings!

[Barkin]

Since Truecrypt has been compromised (or at least discontinued) ...

Not so ... https://www.grc.com/misc/truecrypt/truecrypt.htm [scroll down to bottom 1/3d of page]

[chiefengineer]

I modified and attached also the legacy one.

Thank-you for that...I'll try it with Fatdog (my main deal), makes me feel like throwing some chess pieces in there. So far the max I can encrypt with 4GB Ram is a 1.8GB archive (turning compression off only). Wonder if there is is some undeclared flag for paging memory efficiently?

Thanks twice.

[chiefengineer]

Not so ...

Thanks. I hadn't seen that link. Seems different from the profusely illustrated Truecrypt project page explicitly directing users to use Microsoft Bitlocker.

I love Truecrypt. I may still use it...as a substitute for tar (as an additional layer), until it is exhaustively open-source. For me, it is more a question of keeping TPM out of my life and porting one remaining app to Linux.

[SFR]

So far the max I can encrypt with 4GB Ram is a 1.8GB archive

It seems to me that this is (intended or not) limitation in bcrypt, I also can't encrypt ~2GB file ("No valid files found" msg in my case).
But what can one expect from unmaintained, 12 y.o. piece of code...

As for TC, it was practically "discontinued" long before the recent events occured, last update at the beginning of 2012 IIRC.
Personaly I don't see any reasonable, cross-platform alternative, so I stick with it as long as possible.

Greetings!

[radky]

So far the max I can encrypt with 4GB Ram is a 1.8GB archive

It seems to me that this is (intended or not) limitation in bcrypt, I also can't encrypt ~2GB file ("No valid files found" msg in my case).
But what can one expect from unmaintained, 12 y.o. piece of code...

The following 2012 bcrypt commit (GitHub) by Michael Stapelberg may be of interest:

https://github.com/casta/bcrypt/commit/ ... 8e76359bc0

Smaller (256K) processing window removes high memory requirements of the original bcrypt and enables
encryption/decryption of files larger than available system RAM, with support for files greater than 2 GIB.

[Burn_IT]

Just for information!! ........
Be aware that those characters will be different or in different places depending on your keyboard layout/language settings.

[SFR]

The following 2012 bcrypt commit (GitHub) by Michael Stapelberg may be of interest

Thanks for the heads up Radky, it's good to see that someone has forked and trying to fix it.

Anyway, tried to encrypt two files (.vdi images, 2.8 GiB & 5.9 GiB) and all seemed ok, but decryption process breaks silently at 627th & 997th MiB respectively with return code 5.
Works fine with compression turned off, though.
Anyone can confirm?

Greetings!

[chiefengineer]

Anyone can confirm?

I cannot get this to encrypt an existing Truecrypt archive without bailing. I will recheck my compilation and try another box...and maybe in Slacko, which I had more luck with. It is still terminating due to memory.

I keep sensitive financials off-site with lots of rules and requirements that get oversight. Those types of files really don't require compression, and they need to be updated quarterly...so Truecrypt was ideal for the update process because I return archives (via snail mail) for updating they do on Windows boxes that have never seen the internet...then I put them away on drives that have never been attached to the web.

Tarring is a major nuisance. I have a fear in the next audit some company is going to object to Truecrypt...so I am preparing. If need be I can start making partial archives out of huge ones...and I really am not looking forward to it.

[chiefengineer]

Works fine with compression turned off, though.
Anyone can confirm?

So here are my results so far:

All tested on 7-yr.old Dell Vostro laptop with only 889Mb Ram,
running Fatdog 64 620

Compiled the forked bcrypt, replaced old executable.
Encrypted/decrypted 5Gb archive without compression from command line. Took ~40 minutes but worked perfectly(!)
Ran SFR's bcrypt-gui for pre-WOOF-CE Puppy versions on 1.5 GB archive with all kinds of special characters. It also went in and out flawlessly (btw, the compressed file was slightly bigger in size than the original, and this took around 30 minutes, making me think maybe the failed compression added overhead).

However, my 5 Gb file exits ingloriously.


So I am guessing if I add
" -c "
after "bcrypt" in lines 116 and 119 of this older gui version
it will change the default to no compression? Just a guess?
I suppose I might play with it or just use the command line.

BTW, the system meter shows 250MB Ram or less in use during these...

[bruno]

" Anyway, still looking for a good cross-platform Truecrypt substitute!
"

Veracrypt seems to carry Truecrypt further and improve it:

http://sourceforge.net/projects/veracrypt/

[chiefengineer]

Veracrypt seems to carry Truecrypt further and improve it:

Thank-you for that!

The bcrypt fork is now working with the new gui on an old machine with really big archives. Thanks to everyone (esp SFR).

FYI: exact same files bail in Windows with same exact errors on the same machine, so trying to compile in Windows which is turning up with some strange errors...but soon I'll eradicate XP off that disk anyway...

[Barkin]

I've got PeaZip running on both Windows and Linux. It has 256AES encryption.
The maximum archive size is allegedly "unlimited".

It's not as convenient as on-the-fly TrueCrypt ,
but will be as good as Bcrypt for e-mailling encrypted archives.

You can even have self-extracting encrypted archives on Windows,
so can send an encrypted file to someone who does not have PeaZip installed.

[chiefengineer]

I've got PeaZip running on both Windows and Linux. It has 256AES encryption.

I had no idea Peazip came in a Windows flavor. it certainly passes the crypto criteria. Will see how it acts as a Trusted Program.

Thanks!