1. The application offers very flexible functions for encryption of files and folders on local
and network drives and easy encryption of text messages with a quick function of transmitting
them through email.
The application employs a very efficient and secure encryption algorithm based on the
VMPC one-way function, the VMPC Stream Cipher, presented at an international cryptography conference
Fast Software Encryption 2004 in Delhi, India
along with a message authentication scheme
VMPC-MAC and the VMPC-KSA3 key initialization algorithm.
The application has an advanced module for generating keys up to 512 bits.
The module ensures full use of the security advantages of the employed encryption algorithms
and also allows to use the generated keys (passwords) to external purposes like
logging in to Internet services or creating digit combinations for safes.
The module generates very high quality keys from entropy derived from random mouse moves.
It also enables to use multiple keys for one encryption and to join multiple keys into one.
Encryption of files and folders:
Encrypted files and folders are stored in an archive file.
An archive file is encrypted in 100%. File names and all headers are encrypted.
This way, the whole archive file is practically indistinguishable from a
stream of truly random data, which enables to hide the very fact of using encryption.
Critically important headers are stored in two copies (each encrypted with a different
initialization vector, which makes both copies look randomly different). This allows to
open and decrypt the archive even if the archive is locally damaged.
Archives can be saved in self-decrypting format, as EXE files (applications). To decrypt such
archive it is sufficient to know the correct key and a copy of the
VMPCrypt application is not needed. This creates high portability of the archives.
Archives can be automatically split into files of any size, so that it is easy to store
big archives on lower capacity media, like DVDs, CDs or floppies.
Files can be optionally compressed before encryption with the ZIP algorithm.
Archives contain information about the original location of all the encrypted files/folders, therefore
it is possible to decrypt them to the original location without specifying any additional information.
It is also possible to decrypt to any other user-selected location.
It is possible to store any automatically encrypted text comment in the archive,
e.g. an additional information about the archive's content.
The application enables to view archive content, decrypt any files/folders stored in
the archive, remove, add new files/folders to the archive and overwrite the ones
already existing in the archive with new ones read from disk.
The process of storing data in the archive is secured against power failure. Data loss due to power
failure is never possible with the VMPCrypt application. Original files are wiped only
after the archive has been successfully created and test-opened. The archive update operation creates a new fully
encrypted archive and copies the content of the original archive to the new one, along with applying
the selected modifications. These mechanisms ensure that in case of a power failure during the
operation - either the newly created archive or the original data - will still be accessible.
The application is very efficient. Encryption of files is approximately 30% faster than their only copying in the
Windows operating system.
It is possible to unrecoverably wipe the encrypted (or individually selected) files/folders from disk.
The original file content is overwritten with pseudorandom data from 1 to 99 times (user-selected).
Encryption of texts and email:
The application has a built-in secure text editor, which does not create temporary files.
After encryption, the ciphertext is automatically transformed into the Base64 text-format, which enables
easy transfer of the ciphertexts through email, saving it in a text-file or printing.
Encrypted texts can be sent as email messages at one button click using the user's default
email client application (e.g. Outlook Express).
Key Generation Module:
The application enables the use of both: classical passwords entered from keyboard
and keys generated from random mouse moves (recommended method).
Generating keys from random mouse moves enables to generate keys practically
indistinguishable from random data streams. This significantly increases the complexity
of breaking such keys.
The application enables to use multiple keys for one encryption. This allows e.g. to create
archives that only a full group of people have access to. Decrypting the archive is possible
only after inputting all the keys, in any sequence. In case when even only one key is missing, the knowledge
of the remaining keys does not decrease the complexity of breaking the missing key.
The application enables to join keys. This allows to use multi-channel key-agreement protocols,
where the keys are transmitted through different channels (e.g. SMS, phone, fax, personally, post, PKI, etc.)
and to join all the keys into one accumulated key, further used for encryption and decryption.
In case when even only one key is missing, the knowledge of the remaining keys does not decrease the complexity of
breaking the missing or the accumulated key.
An approximate time required to break the generated/input key by two kinds of supercomputers is automatically
displayed to help choose the key length appropriate for a given encryption task.
A key visualization function is available, which displays the key in enlarged format. This makes
it convenient to verify whether the key was input correctly or store the key on any media, like a
sheet of paper or taking a photograph of the screen.
The application offers an advanced key saving option on floppy disks (or any other media) which
is resistant to local damage of the disk. The key can be saved in multiple copies, separated by
a selected size space, which may enable to recover the key from a partially damaged disk.
It is also possible to save the key together with a characteristic header, which can allow to find and
read the key from a seriously damaged disk.
The application remembers keys saved on hard drives and proposes to wipe them
at application startup (keys should be saved on removable media for security reasons, however
temporary storing them on hard drives can be useful, e.g. to enable copying them to removable disks like CDs, DVDs or floppies).
Other features of the application:
Thanks to the free decryption utility, available at our website, it is
possible to send encrypted data to recipients who don't have the VMPCrypt application.
This applies to sending encrypted files/folders as well as emails.
Thanks to the VMPC-MAC message authentication algorithm, automatically applied to each encryption
by VMPCrypt, all changes to the ciphertexts (which might occur e.g. due to transmission errors
or adversarial activities) are automatically detected and communicated upon decryption.
The application has a system of self-control. Each time the application is run, a MAC checksum
of the EXE file containing the application is computed. Even if one bit of the application
was changed or was added to the application's EXE file (e.g. by a virus), it will be detected at
application's startup. In such a situation an information about the corruption will
be displayed but the application will keep running.
The application has a system of current help - pressing right mouse button on each
function-button or any other object displays a detailed information about how it works.
The application has an innovative all-visible interface. It does not have a classical menu.
All functions are visible on the screen, each has a detailed description available at right mouse
button and each has a hotkey specified on the button. As a result, using the application is fast and easy.
VMPCrypt works under Microsoft Windows 98/ME/2000/XP/2003/Vista/7 operating systems.
The application does not require installation and can be run directly from the VMPCrypt installation CD. This allows to
achieve both greater flexibility and security if the user wishes to hide the fact of using encryption. The application does
not create any registry entries and does not create any unencrypted temporary files.
Publication at International Association for Cryptologic Research (IACR) conference FSE 2004
Publications at National Cryptography Applications Conference Enigma 2004, 2005, Warsaw, Poland
Award from Wroclaw Center of Technology Transfer at Wroclaw University of Technology
Recommended Project by computer magazine Software Developer's Journal