AxCrypt
AxCrypt - AES-128 File Encryption, Compression and
double-click Edit/View for secure document storage on Windows 95/98/ME/NT/2K/XP,
locally or remote.
Copyright (C) 2002 Svante Seleborg/Axon Data, All rights reserved.
This program is free software; you can redistribute it and/or modify it under the terms
of the GNU General Public License as published by the Free Software Foundation; see
end of document for details.
If you find AxCrypt useful and would like to contribute, a voluntary donation of $5 or $10 would be greatly appreciated.
You may use the PayPal icon on the homepage for convenience, or specify axcrypt@axondata.se as the recipient manually. If you do not yet have a PayPal account, PayPal is completely free for personal use, no catches, and will accept credit cards, bank accounts and other PayPal member payments as funds for your payments. I am in no way affiliated with PayPal - it's just a convenient way to send and receive small amounts of money.
For commercial enquiries about the software, custom modifications, corporate branded versions or consulting services please contact me via e-mail.
Release 1.4.1
This is Release 1.4.1, please report bugs and comments to mailto:axcrypt@axondata.se
or http://axcrypt.sourceforge.net. Release 1.4.1 will read encrypted files from Beta 0.0.6 and later but not files
produced by older Betas - please
use Beta 0.0.5 to decrypt before installing.
If you have an earlier version than 1.2 installed, you are strongly encouraged to upgrade soonest. Earlier versions contain a programming error that results in reduced security for encrypted files.
(Also note, files encrypted by Release 1.3 and later will not be possible to decrypt with any older versions.)
INTRODUCTION
AxCrypt is free and easy to use open source strong file encryption for Windows 95/98/ME/NT/2K/XP, integrated with Windows Explorer. Encrypt, compress, decrypt, wipe, view and edit with a few mouse clicks. Cryptographic
primitives are AES-128 and SHA-1.
Encrypted files have a ".axx" extension added
to their names, and are shown with a new icon.
To encrypt a file, right-click it in Windows Explorer and select 'AxCrypt | Encrypt'.
To edit or view an encrypted file - just double-click it.
To decrypt, right-click and select 'AxCrypt | Decrypt' instead.
No configuration is necessary.
Run the installer, and AxCrypt is ready to use.
English, German, French, Spanish, Italian or Swedish will be used for messages and dialogues depending on the language of the system. Documentation (this document) and installation scripts are in English.
UNIQUE FEATURES
The following are features that really set it apart from all other file encryption tools, commercial as well as free:
TARGET USE
AxCrypt is used to share and work with stored documents,
and e-mail attachments, in a secure manner.
If your documents reside on a document sharing service, intranet or file server AxCrypt
is especially well suited and will usually seamlessly integrate, and make sharing and storing sensitive data as easy
as not protecting it.
To send secure e-mail, agree on a pass phrase and ensure that all parties have AxCrypt, then send your
encrypted files as regular attachments. With the pass phrase cache and the
double-click edit feature even many turns over e-mail is as easy as without encryption.
AxCrypt will, within the limits of your pass phrase, keep remotely stored documents secure. For documents on your local hard-disk there are many caveats not due to the security of the encryption as such. Please see the section on local PC security below.
It is also suitable for use by other programmers and
system administrators, as it
provides a command-line interface easy to use from any other programming
language on the Windows platform that can execute another program, including
.bat files.
FEATURES
PASS PHRASE CONSIDERATIONS
AxCrypt uses 128-bit keys internally - but if you want to achieve that level you
must give it 128 bits of truly 'random' data.
Using typical English language, this is approximately equivalent to 10 'random'
words. Do not use meaningful sentences and absolutely not famous or even obscure
quotations!
By introducing variations on the case, as well as non-alphabetic characters you can
reduce the number of words necessary. It is not recommended to use less than 5 words.
(The above is a slight simplification of the issue, but it should serve.)
LOCAL PC SECURITY
AxCrypt by itself will not protect your local PC from, for example:
AxCrypt combined with Microsoft Encrypting File System (EFS) included in Windows 2000/XP and later, applied to the user temporary directory, together with setting the Clear virtual memory pagefile when system shuts down local security policy, will achieve decent local PC security.
Additional options for strengthening local security include add-on products such as PGPdisk, BestCrypt, DriveCrypt and others. I am not sure which, if any or all, will protect the system paging file.
For more sophisticated, but conceptually more complex e-mail security, PGP is by many considered to be excellent.
ALGORITHMS
The algorithms used are deemed secure as such, to the best of my knowledge, by the US Government
and the Internet community. Please see the property page of an encrypted file,
the documents package and the source code
for details.
Key wrapping of the pass phrase is done using the NIST specification for AES Key
Wrap. The key derived from the pass phrase with SHA1 is only used as a key encrypting key.
AxCrypt uses the Advanced Encryption Standard with 128-bit keys in Cipher Block Chaining mode with a 'random' IV for the data encryption.
For integrity verification AxCrypt uses HMAC-SHA1-128, i.e. Hash Message Authentication Code using SHA-1 with 128-bit output and key.
The pseudo random number generator (PRNG) is described in FIPS 186-2, with SHA-1 as the hash algorithm.
Entropy collection to seed the PRNG is performed through a variety of common
and less common techniques, including
keyboard entry, mouse movement, window positions, a rapidly running software bit
oscillator and the Pentium Time Stamp Counter if available.
There may well be bugs in my implementation though - that is why it is open source, so
you and our peers may review it and keep it safe.
COMMAND-LINE USAGE
AxCrypt may be called by other programs, or manually, by specifying command-line
arguments. The general syntax is:
AxCrypt [-i | p | u | x ] | [-b tag] [-f] [-c] [-g] [-n filename] [-e] [-a | -k "passphrase"] [-z | d | o | w | s | q | h file(s)] [-t [tag]] | file(s)
Except for -i -p -u -x, the options are interpreted sequentially and may occur multiple times if it makes sense.
The options and their meanings are:
-i | Install | Set all registry values to default. |
-p | Psp test | Test for the need to install psapi.dll. Only relevant on NT. If return code is 0, no need. This is an installation helper function only. |
-u | Uninstall | Clear all registry values. |
-x | eXit | End the resident server process, if loaded. |
-b tag | Batch id | Define a tag, or batch id, to be used with subsequent pass phrases. These pass phrases will only be used when the same tag is specified in future calls to AxCrypt. The batch id is a decimal non-zero positive 32-bit signed integer. Odd values are reserved for internal use. If no -b option is given, saved pass phrases are 'global'. All tagged pass phrases are saved until cleared with -t. |
-f | Toggle Fast mode | Will modify certain operations to execute fast, rather than safe and/or secure. There is no guaranteed effect. Initially off. |
-c | Toggle Copy-only flag | Causes subsequent -d and -z to retain the originals. May be combined with -f for fast copy without wiping of temporaries. Initially off. |
-g | Toggle ignore encrypted flag | If set, attempted encryption of already encrypted files will do nothing. Initially off. |
-n | Output Name | Defines a file name to be used as output instead of default for the next -z or -d. |
-e | Encryption pass phrase definition | Subsequent -a or -k options on this invocation define the default encryption key instead of one of possibly many decryption keys. The -b option may be used to define pass phrases with limited context. |
-a | Add pass phrase | Prompt for a pass phrase using the AxCrypt standard safe dialogues. -b and -e may be used as modifiers. |
-k "pass phrase" | Cache pass phrase | Cache the given pass phrase, quotes are recommended. The pass phrase is case-sensitive. -b and -e may be used as modifiers. |
-z | encrypt | Encrypt and (if useful) compress the given file(s) with either the current default encryption key, or with one that is prompted for. The originals are wiped. -b, -c, -g, -f and -n may be used as modifiers. |
-d | Decrypt | Decompress and decrypt the given file(s) with either a cached key, or with one that is prompted for. -b, -c, -f and -n may be used as modifiers. |
-o | Open | Open the given file(s) with the appropriate application after temporary decryption and decompression. If they are modified after application exit, they are re-encrypted with the same pass phrase. -b may be used as modifier. |
-w | Wipe | Wipe the given files and delete. Show a confirmation warning first. |
-s | wipe Silent | Wipe the given files and delete, but do not ask for confirmation. |
-q | Query pass phrase cache | Return exit code 0 if all files given have pass phrases in the cache already. -b may be used as modifier. |
-h | Anonymous rename | Renames the given file(s) to anonymous names. The original names will be restored on decryption. |
-t | Clear pass phrase cache | Clear the internal pass phrase cache. If -b is given, only pass phrases associated with that tag are affected, otherwise all are removed, tagged and un-tagged alike. |
If no options are given but just file(s), they are opened as with -o. Otherwise the most recent -z, -d, -c, -o, -w, -s or -h determines the operation performed on the file.
The first time AxCrypt is started, a server process is initiated which will run until terminated. It is within this process that the pass phrase cache is kept, in a secure manner.
All operations are 'waitable', and will return a non-zero exit code on error.
The 'flag' options are important to specify before the operations they intend to modify, parameters are parsed and executed sequentially as the appear on the command line. Only operating system restrictions on command line lengths limit the number of operations on a single line. If any operation returns an error, the rest of the command line is ignored, and that error is returned as exit code.
If you need to do several operations, and keep them together, without affecting the "global" pass phrase cache, use the -b option with an arbitrary tag as described above. Deriving one from the time of day may be appropriate for example. The -b option is valid over multiple calls to the server process, as long as it is not restarted.
REGISTRY KEYS AND VALUES
AxCrypt keeps some persistent data and chosen options in the registry. Most of these are managed automatically, and should not be modified manually.
Some values under HKEY_CURRENT_USER\Software\Axon Data\AxCrypt\ are:
ServerMode is a DWORD entry, that when non-zero causes AxCrypt to enter a non-interactive server mode. In this mode, no message boxes or dialogues will be displayed. The messages will be logged to %TEMP%\AxCrypt.Log, and they will be given default responses. The shell extension, i.e. the right click menu in Windows Explorer with AxCrypt options will be disabled as well.
EventLogLevel is normally zero DWORD, causing nothing to be logged, unless server mode is enabled. You may increase this to positive values to get increasing levels of detailed log-entries in %TEMP%\AxCrypt.Log. This is primarily for testing and debugging purposes.
EntropyPool is 128 byte BINARY used to persistently save the state of half of the entropy pool.
KeyWrapIterations is a DWORD that specifies the number of rounds performed in the key-wrapping operation, where the actual master data encrypting key is wrapped with the SHA-1 hash of the pass phrase. The minimum value is 6, no maximum, except it may take a long time...
NoUnsafeWipeWarn is a DWORD that when non-zero disables the warning about not being able to securely wipe certain types of files, notably compressed and EFS encrypted. This is modified by the checkbox in the warning dialog.
SaveDecKey is a DWORD that when non-zero causes decryption pass phrases to be cached in memory. This is modified by the checkbox in the enter pass phrase dialog.
SaveEncKey is a DWORD that when non-zero causes an encryption pass phrase to be cached in memory and be used as default encryption pass phrase. This is modified by the checkbox in the enter pass phrase dialog for encryption.
CompressThreshold is DWORD that indicates the minimum estimated compression level needed for AxCrypt to compress before encryption. To disable compression, set the value to 101. To enable compression in all cases, set it to 0. The default is 20, indicating that at least estimated 20% savings is required for compression to be performed.
DisableRenameMenu is a DWORD when non-zero causes the anonymous rename menu to disappear from the right-click context menu.
LICENSE
This program is free software; you can redistribute it and/or modify it under the terms
of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program;
if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330,
Boston, MA 02111-1307 USA.