Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 22 Jul 2019, 16:38
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Unsorted
007 Blowfish encryption
Moderators: deshlab, Flash, GuestToo, Ian, JohnMurga, Lobster
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 2 [26 Posts]   Goto page: 1, 2 Next
Author Message
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15449
Location: Paradox Realm

PostPosted: Fri 11 Nov 2005, 15:04    Post subject:  007 Blowfish encryption  

Purpose: To encode a private file for secure storage or sending. The file can only be decoded by someone with the right password

Use carefully - If you encode your secret fish sauce recipe and forget the password it may be lost for ever

Cool

This is two lines of code
that uses "xdialog" and 448 bits Blowfish encryption to encrypt any file


The first line calls the file with the "xdialog" widget
The second line takes the file variable ($FILE)
and asks you for an encrypting password

"rxvt -e bcrypt" opens a console window and starts bcrypt
bcrypt uses the file you have opened ($FILE) in the previous line

You will be prompted for the same encryption key twice when encoding
and once when decrypting/decoding
Use a secure encryption key of 8 digits/characters or more (case sensitive)
and DO NOT FORGET IT - otherwise you will need several years of supercomputer time to decode . . .


When encoded the file is renamed with the extension .bfe
so "mysecret.txt"
becomes the encrypted file "mysecret.txt.bfe"
"mysecret.txt" no longer exists

When decrypting, the .bfe (encrypted file) is located
When the password/keyword is added
the file regains its original name as the .bfe extension is removed

Rename files with spaces eg "this has space.txt" to "this_has_no_space.txt"

This is the actual code:

Code:

#!/bin/sh
FILE=`Xdialog --title "Choose file to encrypt or decrypt" --fselect / 28 48 2>&1`
rxvt -e bcrypt $FILE


It is in fact a text file (the dotpup version contains comments which are placed after the "#")
Xdialog is a widget a small program written in C that can be called with various parameters ( it is of course built into Puppy)
http://xdialog.dyns.net/

This first line identifies the code as a runnable script
To make it runnable you right click and select permissions and change what is a text file into an executible

Code:

#!/bin/sh
007.pup
Description 
pup

 Download 
Filename  007.pup 
Filesize  7.06 KB 
Downloaded  2112 Time(s) 

_________________
Raspberry Pi 4 to run Puppi
NEW BusterPup Beta - test now

Last edited by Lobster on Sat 12 Nov 2005, 04:56; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website 
klhrevolutionist


Joined: 08 Jun 2005
Posts: 1124

PostPosted: Fri 11 Nov 2005, 16:09    Post subject: I like  

Very good name as well as application helper.
Now riddle me this ? Can bcrypt be used to encrypt folder's ?
And how well does bcrypt stand up to other encryption tools ?
Thanks.

_________________
Heaven is on the way, until then let's get the truth out!
Back to top
View user's profile Send private message 
Johnny Reb


Joined: 05 Aug 2005
Posts: 132
Location: The Confederate States of America (occupied)

PostPosted: Sat 12 Nov 2005, 02:40    Post subject: Re: I like  

klhrevolutionist wrote:
Very good name as well as application helper.
Now riddle me this ? Can bcrypt be used to encrypt folder's ?
And how well does bcrypt stand up to other encryption tools ?
Thanks.


klh, Blowfish, the encryption algorythm that bcrypt uses, has no known attacks, or at least it didn't the last time I read up on the various encryption algorythms a few months ago. It is fairly old now though, and uses a 64 bit block where most all of the newer ones use a 128 bit block. Go here: http://www.schneier.com/blowfish.html and learn more about the algorythm. I see no reason not to trust Blowfish at this time, but given a preference I would choose Twofish or perhaps Serpent.


A great many laws in a country, like many physicians, is a sign of malady.

~ Voltaire

Liberty is not a means to a higher political end. It is itself the highest political end. ~ Lord Acton

The price of apathy towards public affairs is to be ruled by evil men.

~ Plato

_________________
He who dares not offend cannot be honest.
~ Thomas Paine
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger 
ICQ Number 
gliezl


Joined: 06 Aug 2005
Posts: 322
Location: Manila

PostPosted: Sat 12 Nov 2005, 19:08    Post subject: Re: I like  

klhrevolutionist wrote:
Can bcrypt be used to encrypt folder's ?
Thanks.


Yes I also like this feature to be developed in future versions! Imagine, put all your files in a certain folder then encrypt it. That would be cool. If someone have stolen my multisession puppy cd, there will be no problem coz my files are secured! Smile

Good work there Lobster! Smile How about encrypting multiple files?

Now, we are going to another level... Wink

_________________
"If you have knowledge, let others light their candles in it."
~Margaret Fuller

Back to top
View user's profile Send private message 
Pizzasgood


Joined: 04 May 2005
Posts: 6266
Location: Knoxville, TN, USA

PostPosted: Sat 12 Nov 2005, 19:19    Post subject:  

It could tar whatever it's encrypting, which could make encrypting directories and multiple files possible.
_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message 
klhrevolutionist


Joined: 08 Jun 2005
Posts: 1124

PostPosted: Sat 12 Nov 2005, 19:27    Post subject: one folder  

Well pizza, I have one folder full of writing's and stuff of that nature.
I would not want to have to tar it everytime & untar it everytime I go to use it. But having it maybe encrypted or password protected would be a good fit.
I think MU had developed some type of password protection upon booting into puppy maybe this can be used for the purpose I am wanting ?
But at the same time having it encrypted plus it is password protected would be an even greater feature. Like I mentioned on the LatestNews page bcrypt can be compiled very easily, so maybe someone with better understanding can see if we could implement folder encryption as well ?

Thanks.

_________________
Heaven is on the way, until then let's get the truth out!
Back to top
View user's profile Send private message 
Pizzasgood


Joined: 04 May 2005
Posts: 6266
Location: Knoxville, TN, USA

PostPosted: Sat 12 Nov 2005, 19:35    Post subject:  

I meant the 007.pup that Lobster made could automatically do the tar/untaring (sounds like we're making a highway or somthing) so we wouldn't have to. That would be inconvenient to do everytime, but if the script did it it wouldn't be too bad.


I don't remember much about MU's thing, but Puppy has with the ability to use encrypted pupfiles. You have to remaster the cd to change the isolinlux.conf file, though. Next week I'm going to work on a puplet that uses a combination of the encrypted pupfile and choosing the pupfile to simulate logging in. It won't be a normal multi-user setup, but it's more than what the standard Puppy does.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message 
klhrevolutionist


Joined: 08 Jun 2005
Posts: 1124

PostPosted: Sat 12 Nov 2005, 20:29    Post subject: hmm  

Well now that you explain it, it is feasible. But for those with large folder's this would create hassle. But I admire your creativity. If more people read this thread we might get more responses and ideas.
Thanks.

_________________
Heaven is on the way, until then let's get the truth out!
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15449
Location: Paradox Realm

PostPosted: Sat 12 Nov 2005, 23:47    Post subject:  

well this will call a menu
to choose between single or mutiple files

Code:
 #!/bin/sh
Xdialog --title "Lobster 007 Blowfish" \
        --menu "Encode and decode files\n\

Choose Single or Multiple files to encode:" 24 51 6 \
        "Single"  "Will enclode or decode a single file" \
        "Multiple" "Make many files into a single file" 2> /tmp/menu.tmp.$$

retval=$?
choice=`cat /tmp/menu.tmp.$$`
rm -f /tmp/menu.tmp.$$

case $retval in
  0)
    echo "'$choice' chosen.";;
  1)
    echo "Cancel pressed.";;
  255)
    echo "Box closed.";;
 esac


and this will call the cdtar tcl program to create a tar file from multiple files

Code:
 wish /usr/lib/cdtar/cdtar.tcl


"wish" is the interpreter program that runs or interprets the text script cdtar.tcl

but how to incorprate this into the 007 Blowfish program?
Embarassed too much for me . . .

Who can help?

_________________
Raspberry Pi 4 to run Puppi
NEW BusterPup Beta - test now
Back to top
View user's profile Send private message Visit poster's website 
Raman


Joined: 01 Sep 2005
Posts: 86
Location: A Place Where Cows Are Sacred

PostPosted: Sun 13 Nov 2005, 05:24    Post subject: SWAP, OS Filesystem, and File Encryption  

I have only one reservation about Linux as it is usually implemented for ordinary (technically unwashed) users: Applied encryption is not up to MS Windows standards; or to put it differently, MS Windows platforms offer easy-to-implement strong encryption for ordinary users, and Linux does not.

Let me explain.

1. On Windows 98 SE and later platforms you can use JETICO's BestCrypt to encrypt files, encrypt entire disks, and what is possibly more important, with JETICO's BestCrypt you can encrypt your Windows SWAP file, all within the rubric of 448 BlowFish, and beyond. http://www.jetico.com/

2. On Windows 98 SE and later platforms you can use PGP freeware 602i to encrypt files and entire disks (but not your SWAP file) using the strong
encryption provided by the muscular PGP 602 international release.
http://www.pgpi.org/cgi/download.cgi?filename=PGPfreeware602i.exe

3. The Finnish entity LBA Linux (formerly SOT Linux) was about to release a beta version of LBA Linux R3 in April-May 2005 when the project was canceled for reasons unrelated to the viability of the R3 Linux release then under development. To this end LBA Linux published the following statement in February 2005:


"Security-conscious notebook users will appreciate the hard disk encryption feature of LBA-Linux R3.

"In earlier versions of LBA-Linux, individual users could have a single encrypted folder. LBA-Linux R3 extends this idea to the entire hard drive.

"'The entire file system can be locked with a password', explained SOT Project Manager Aleksei Rovenski.

"'It's an extra layer of security. Even if an encrypted computer is stolen, the data stored on it remains locked down. No information can be retrieved from the hard disk without the password. It will give LBA-Linux users peace of mind, knowing that their sensitive files are protected. It's a privacy thing.'"


4. Through a Finnish source I was able to obtain an early ISO copy of LBA Linux R3 alpha and the darn thing worked, which is to say, the entire Linux filesystem was indeed encrypted and the Linux R3 OS ran at least as fast as my release copy of LBA R2. Unhappily my technical sophistication is not up to describing how LBA Linux R3 accomplished this feat, but I can say that the resulting LBA R3 ISO installation worked very well indeed. Although it must be allowed that an unsupported alpha release of LBA R3 is not to be used everyday by the technically unwashed, like me.

5. Based on my experience with Windows JETICO BestCrypt and Windows PGP and Windows PGD-Disk, and my continuing happy experience with LBA Linux R3 alpha, I can say that this level of encryption works, that it does not slow the computer noticeably -- or at all, and that this level of SWAP encryption, disk encryption, and file encryption is fast becoming a necessity. Parenthetically, it is safe to say that the average computer user and or average Internet user is now more than fully qualified to say why it is that this level of encryption is fast becoming a necessity.

6. Ergo, Puppy Linux should offer encrypted SWAP files, encrypted disks and or filesystems, and encrypted files. For reasons that ought to be perfectly clear. And it is clear that given currently available software, as proved by the early LBA Linux R3 alpha release, as well as proved by the JETICO BestCrypt and PGP freeware packages described above, the everyday encryption of SWAP, OS filesystems, and ordinary files is or ought to be available right now.


Hail Puppy!

Raman
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15449
Location: Paradox Realm

PostPosted: Sun 13 Nov 2005, 06:07    Post subject: Re: SWAP, OS Filesystem, and File Encryption  

Raman wrote:
I have only one reservation about Linux as it is usually implemented for ordinary (technically unwashed) users: Applied encryption is not up to MS Windows standards; or to put it differently, MS Windows platforms offer easy-to-implement strong encryption for ordinary users, and Linux does not.


Smile

Are you sure Raman? It could be. I thought there were some very secure Linux systems for the ultra guilty/paranoid?

The technically unwashed will be surprised to know that the most secure encryption is bypassed by keyloggers. Programs that reside in memory and record and optionally send out a log of keys pressed - including those wonderful impossible to break passwords . . . Most of course target Windows.

Malware is rife on MS Windows with its 'Applied encryption'. It is one of the main reasons I moved. I no longer controlled my desktop. Is this a problem on Linux? I do not know. With Weendose you also get virii, trojans and other assorted malware, some of which is incorporated with MS compliance. Spyware is built into Windows. Some is known but because it is closed source no one knows how much is there for sure. Some spyware is NSA based and also there is a commercial spyware system that reports back to MS, built into wmv and other systems.

Since using Puppy I have not had to bother with AVG, spywarebot and the other assorted wonders of supporting a kludged and compromised malware magnet OS - aka MS Windosn't

The program I have posted will secure individual files. For most purposes it is fine. What do others think? What is your experience?

Smile

_________________
Raspberry Pi 4 to run Puppi
NEW BusterPup Beta - test now
Back to top
View user's profile Send private message Visit poster's website 
Eagle

Joined: 05 Dec 2005
Posts: 2

PostPosted: Mon 05 Dec 2005, 00:50    Post subject: Alternative to bcrypt  

Hi Folks,
Has anyone looked at TrueCrypt over at http://www.truecrypt.org. Instead of simply encypting files, it allows someone to setup encryptable container files, which can be mounted within the program as actual drives. It supports various encyption standards such as "AES-256, Blowfish (448-bit key), CAST5, Serpent (256-bit key), Triple DES, and Twofish (256-bit key)." It is opensource and there is both Windows and Linux versions available with source code to compile your own copy.

I am still a linux newbie, but maybe somebody could build a dotpup from this.
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15449
Location: Paradox Realm

PostPosted: Mon 05 Dec 2005, 01:40    Post subject:  

Here is a nice story for you security Puppys about spear phishing (this is part of social engineering)
http://tinyurl.com/7blsz

My theory is I should provide my passwords as a web page
but I am too much of a woos (woos = coward) Anyone up for it (great honeypot idea) . . .

I have always found that virus attacks and hacking attacks are 90% imagination - apart from Windows where it is 90% of the OS function
"We control your desktop - and pay us for the privilege" - eh yes Bill . . .
On a separate issue Ajax (aka web2) will be rife as a security loophole - it is a mess (but I loves it none the less)
Great services - with new ones all the time . . .
http://www.emilychang.com/go/ehub/alpha/

I will now return to my kennel . . .

_________________
Raspberry Pi 4 to run Puppi
NEW BusterPup Beta - test now

Last edited by Lobster on Mon 21 Aug 2006, 12:35; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15449
Location: Paradox Realm

PostPosted: Sun 01 Jan 2006, 06:20    Post subject: Possible Mission  

Now that we have a great new Linux firewall how about something worth protecting . . . ?

Possible Mission [cue music from Mission Impossible]

"Our mission, should you
decide to encode it,
is to write a front end to bycrypt
for multiple files and directories . . .

As always, should you or any member of
the Open Source Kennel be caught or killed, the
Secretary will disavow all knowledge of
your actions. This message will self-
construct in five seconds.

Good luck,
Puppys!"

_________________
Raspberry Pi 4 to run Puppi
NEW BusterPup Beta - test now
Back to top
View user's profile Send private message Visit poster's website 
Guest
Guest


PostPosted: Mon 02 Jan 2006, 06:25    Post subject: Re: SWAP, OS Filesystem, and File Encryption  

Lobster wrote:
Raman wrote:
I have only one reservation about Linux as it is usually implemented for ordinary (technically unwashed) users: Applied encryption is not up to MS Windows standards; or to put it differently, MS Windows platforms offer easy-to-implement strong encryption for ordinary users, and Linux does not.


Smile

Are you sure Raman? It could be. I thought there were some very secure Linux systems for the ultra guilty/paranoid?

The technically unwashed will be surprised to know that the most secure encryption is bypassed by keyloggers. Programs that reside in memory and record and optionally send out a log of keys pressed - including those wonderful impossible to break passwords . . . Most of course target Windows.

Malware is rife on MS Windows with its 'Applied encryption'. It is one of the main reasons I moved. I no longer controlled my desktop. Is this a problem on Linux? I do not know. With Weendose you also get virii, trojans and other assorted malware, some of which is incorporated with MS compliance. Spyware is built into Windows. Some is known but because it is closed source no one knows how much is there for sure. Some spyware is NSA based and also there is a commercial spyware system that reports back to MS, built into wmv and other systems.

Since using Puppy I have not had to bother with AVG, spywarebot and the other assorted wonders of supporting a kludged and compromised malware magnet OS - aka MS Windosn't

The program I have posted will secure individual files. For most purposes it is fine. What do others think? What is your experience?

Smile


Lobster, he is partially correct. There are a lot more very good encryption programs available for windows. However there are some very good ones available for Linux. Bcrypt, which you made the dotpup is good, however the Blowfish algorythm is getting pretty old. As of the last time I read up on it there were no known attacks on it. GnuPG, which I made a dotpup for is also very good. It of course is based on the source code for PGP. It is primaraly used for email encryption, but it can also be used for file encryption as well. Neither GnuPG or Bcrypt offer folder encryption though, and as of yet I've not found a program for Linux that does. The one point that he did not make though, is that windows is so ridden with spyware, that which comes built into it and that which is drawn to it like flies to something dead, makes strong easy to use encryption a nesessity.

You brought up the question of keyloggers, and that is a very good point. While I was using windows I found an exceptional anti-keylogger program called PSM Antispy (if I remember correctly). It was unusual because it would not just detect the usual keyloggers that pick up on keyboard hooks, but it would detect kernel level keyloggers. Unfortunatly for most people it's not available anymore, but if anyone does happen to want it, I've got the installation program saved on my hard drive.

As for "the ultra guilty/paranoid", it's neither. There are some people, like myself, who still value privacy, and will expend quiet a bit of effort to maintain as much of it as possible. I can't/won't get a hotmail account due to the fact that MSN requires you to enable to much stuff that I've got disabled in my browser because it can and is used to track your activity on the net. While I know that I can't prevent whoever from watching everything I do, I can sure make them work to find out what they can.



"I believe that banking institutions are more dangerous to our liberties than standing armies . . . If the American people ever allow private banks to control the issue of their currency, first by inflation, then by deflation, the banks and corporations that will grow up around [the banks] . . . will deprive the people of all property until their children wake-up homeless on the continent their fathers conquered . . . The issuing power should be taken from the banks and restored to the people, to whom it properly belongs." ~ Thomas Jefferson ~ The Debate Over The Recharter Of The Bank Bill, (1809)


"If we do not defend ourselves none will defend us; if we yield we will be more and more pressed as we recede; and if we submit we will be trampled under foot. I hold concession or compromise to be fatal. If we concede an inch, concession would follow compromise, until our ranks would
be so broken that effectual resistance would be impossible".

~ John C. Calhoun
Back to top
Display posts from previous:   Sort by:   
Page 1 of 2 [26 Posts]   Goto page: 1, 2 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Unsorted
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0896s ][ Queries: 12 (0.0140s) ][ GZIP on ]