Protecting your confidential data

by Nat Queen

[Note. This is a slightly modified (updated) version of an article that originally appeared in issue 266 of Acorn User (December 2003).]

Thanks to fast modern computers, cryptography with a 'military' level of security, i.e. unbreakable in practice by all known methods, is now available to everyone. Computer files can be encrypted by means of a cipher - a set of mathematical operations that transforms an original file (known as the plaintext) into an unintelligible ciphertext file or vice versa. The plaintext need not be an ordinary textual message. It can equally well be any type of information that can be represented in a computer file, such as an archive, an image or a sound file. The basic ideas of cryptography were described in the first article of this series.

Why use cryptography?

Many people who own computers use them to store personal or confidential data which they want to protect from prying eyes. Examples of such data are financial records, address books, private diaries, sensitive correspondence, and lists of passwords for online services on the internet.

Confidentiality of information is especially important for businesses, which could suffer great financial loss if their proprietary information or business plans fell into the wrong hands. Trade unions and political campaigners also need to keep their plans confidential.

Even if there is no possibility of access by any unauthorised person, consider what could happen if a computer unexpectedly needs to be sent away for repairs. The owner may not be able to access the data contained in it because of some fault, but the data might be recoverable and readable by others before the computer is returned. The risk is even greater if a computer is ever stolen.

In the UK, and no doubt in other countries too, any person or organisation that maintains personal information on individuals in computer records is required by law to ensure the security of those records. Strong encryption is the ideal way to do this.

Encryption software for RISC OS

Some of the world's strongest known ciphers have been implemented in software for all major computer systems, including RISC OS. In this article I shall give a survey of RISC OS software that can be used to protect confidential data by means of strong ciphers.

All the programs mentioned in this article use only encryption methods which have a good reputation among professional cryptographers. All these programs are freeware, and they can all be found from links on my website devoted to RISC OS security and privacy software at http://www.queen.clara.net/pgp/acorn.html.

Of the available software, !Encrypt by Stephen Sloan is probably the easiest program to use, and I shall describe it in the greatest detail. [Note: This software has become somewhat out of date since this article was originally written, but I shall retain the original information here, as it may still be useful to some people using older versions of RISC OS.] This program can encrypt or decrypt files or even whole directories in one simple operation.

Unfortunately, !Encrypt has not been updated since 1999. As a result, it will not work in RISC OS 5, since some of the modules contained in it are not 32-bit compatible. Users of RISC OS 5 should use instead my application !Q-Lock (described below), which does essentially the same thing.

A file can be encrypted in !Encrypt by dragging it into the program's main window. The user is then asked to enter a passphrase with which to encrypt the file. Passphrases of up to 240 characters are allowed. The passphrase must be entered twice to ensure that what was typed by the user is actually what was intended. If the two entries agree, an output ciphertext file can be saved by dragging a file icon to any chosen directory, with a different filename if desired. Alternatively, by clicking on 'Process', the original plaintext file is replaced by the ciphertext file. It's as simple as that.

The procedure for decryption is similar. The ciphertext file is dragged into the program's main window, and the user is asked to enter the passphrase. If the passphrase is correct, the plaintext file is created and replaces the ciphertext file.

For additional security, there is an option to overwrite the original plaintext file after it is encrypted. This is achieved by means of the powerful utility Nuke by Sergio Monesi, which is included in the program. When a file is 'deleted' by RISC OS, only its entry in the directory structure is actually deleted; all the data remains on the disc surface and can easily be recovered by means of a disc editor or an 'undelete' utility. Nuke prevents such data recovery by overwriting the data on the appropriate disc sectors a number of times.
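The difference between an ordinary delete and an overwrite can be seen in a toy model. This is an added Python illustration, not Nuke's code or anything from RISC OS; the ToyDisc class, the sector size and the sample data are all constructed for the example.

```python
import os

SECTOR = 256  # constructed sector size for the toy model


class ToyDisc:
    """Flat disc image plus a directory mapping name -> (first sector, length)."""

    def __init__(self, sectors=64):
        self.image = bytearray(sectors * SECTOR)
        self.directory = {}
        self.next_free = 0

    def write_file(self, name, data):
        start = self.next_free
        self.image[start * SECTOR:start * SECTOR + len(data)] = data
        self.directory[name] = (start, len(data))
        self.next_free += -(-len(data) // SECTOR)  # round up to whole sectors

    def delete(self, name):
        """Ordinary delete: drop the directory entry, leave the sectors alone."""
        del self.directory[name]

    def nuke(self, name, passes=3):
        """Overwrite every sector of the file several times, then delete it."""
        start, length = self.directory[name]
        begin = start * SECTOR
        end = begin + -(-length // SECTOR) * SECTOR
        for _ in range(passes):
            self.image[begin:end] = os.urandom(end - begin)
        self.delete(name)

    def raw_scan(self, needle):
        """What a disc editor sees: search the raw image, ignoring the directory."""
        return self.image.find(needle) != -1


SECRET = b"constructed sample: bank PIN 0000, diary entry"


def compare():
    """Return (found after plain delete, found after nuke)."""
    plain, nuked = ToyDisc(), ToyDisc()
    for disc in (plain, nuked):
        disc.write_file("passwords", SECRET)
    plain.delete("passwords")
    nuked.nuke("passwords")
    return plain.raw_scan(SECRET), nuked.raw_scan(SECRET)
```

On flash storage and on journaling or copy-on-write filesystems, an in-place overwrite is not guaranteed to reach the blocks that held the original data, so there it is safer to keep the data encrypted from the moment it is first written.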

It should be noted that the version of Nuke inside !Encrypt should not be used in RISC OS 3.8 or later. If you attempt to switch on the Nuke option when using such a system, you will get a warning message. Although the version of Nuke inside !Encrypt does not work on E+ or F+ discs, a later version which solves this problem is available and can be obtained from my website (see above). If this replacement is made, !Encrypt can then be used successfully in RISC OS 4 (but not 5).

Encryption of entire directories works in much the same way as for single files. It is only necessary to drag the plaintext directory into the !Encrypt window. Each individual file in the directory is then encrypted, while retaining its original filename.

An additional option makes it possible to zip an entire directory into a single archive file before the encryption takes place. This operation takes a little longer in practice, but it has the advantage of hiding the individual filenames and the directory structure, since the resultant ciphertext is just a single file. Moreover, because of the compression in the zip file, the ciphertext file is usually smaller than the total size of the original plaintext directory.

The zipping operation before encryption and the unzipping after decryption are achieved by means of the modules zip and unzip from the Info-ZIP group, which are included as part of the software. However, to ensure that these operations work in the program, the user must place copies of those modules in the appropriate Library directory of the computer.

Finally, it should be mentioned that !Encrypt offers the option of selecting either of two alternative encryption methods: the Blowfish cipher (created by the eminent cryptographer Bruce Schneier and ported to RISC OS by Gareth McCaughan) or an early version of the well known program PGP (created by Phil Zimmermann and also ported to RISC OS by Gareth McCaughan).

The second option only works if PGP is already installed in the computer. However, this option does not actually make use of the full power of PGP (i.e. public-key cryptography). It uses only PGP's 'conventional encryption' by means of the IDEA cipher. Public-key cryptography is used for secure e-mail and is unnecessary for protecting one's own confidential data.

There is probably no advantage in selecting the PGP option instead of the default Blowfish option. First of all, the use of PGP is slower. Secondly, contrary to the impression one might gain from the old !Encrypt documentation, the Blowfish cipher is now considered stronger than the IDEA cipher. In technical jargon, the IDEA cipher consists of eight successive 'rounds', of which four are effectively broken by modern cryptanalysis. In contrast, no effective cryptanalytic attacks against Blowfish are known. Despite this difference, both ciphers remain unbreakable in practice at the present time. The point is that IDEA is more likely to be broken at some future time.

An alternative to !Encrypt is my program !Q-Lock, which does almost exactly the same thing, but with a very different type of front end and with a few extra features.

The original version of !Q-Lock used the IDEA cipher without the need for PGP. The current version uses the more secure Blowfish cipher. Like !Encrypt, it can be used to encrypt any number of directories, each with its own passphrase. Zipping is not optional, as it is in !Encrypt; it is carried out automatically. The plaintext is also 'nuked' automatically, and this can be done with a higher level of security than in !Encrypt. Whenever any directory is encrypted, the program also automatically stores a backup copy of the ciphertext file as a precaution against possible loss - if a ciphertext file were to be corrupted for any reason, there would be no possibility of recovering any of the files contained within the original plaintext directory.

Because the utility Nuke is not 32-bit compatible, there are now two alternative versions of !Q-Lock.

One version of !Q-Lock contains Nuke, as well as an inner application !Nuke-it which can be used for permanently destroying sensitive data contained in any other directory on the disc. To do this, the user must move the data to a special directory called 'scrap' and then run !Nuke-it. The data is then 'nuked' with a 'military' level of security (overwritten many times) and can no longer be recovered. This version of !Q-Lock is recommended for users of RISC OS 3 or 4 on 'native' hardware, because Nuke is the fastest and most secure utility for secure destruction of data on disc.

The alternative version of !Q-Lock, intended for users of RISC OS 5, replaces Nuke by a newer 'Erase' procedure which should work in all versions of RISC OS because it is written entirely in BASIC. This procedure is also quite secure, but for large files it may be noticeably slower than Nuke. In this version of !Q-Lock, the inner application !Nuke-it (which, as you might have guessed, contained Nuke) is replaced by an alternative application !Erase. This version of !Q-Lock should also be used in Virtual Acorn systems, because Nuke does not work in such systems.

For users of the ANT Internet Suite, !Q-Lock has a sister application called !Mail-Lock which can be used to encrypt or decrypt any specified mail folders. These two applications work in basically the same way, and they have the same look and feel. !Mail-Lock is also available in two alternative versions, exactly as described above for !Q-Lock.

For additional security of sensitive data, encryption can be combined with steganography, which refers to any method of hiding the existence of data. An application which does this is !Stealth, which makes use of the strong Blowfish cipher.

Like the applications discussed above, !Stealth can encrypt a number of directories, each with its own passphrase. But unlike the other applications, it hides all the resulting ciphertext files inside a single 'container file'. A particular ciphertext file can be extracted and decrypted only by entering the correct passphrase. Without a knowledge of the passphrases, no unauthorised person can determine how many encrypted directories are hidden, or even whether there are any at all, by analysing the container file.

Whether or not any encrypted directories are stored inside the container file, that file looks as if it's filled with random data. The reason is that the container file is initially filled with highly random data, and the data in any ciphertext file that is placed inside it looks equally random. This is a general characteristic of strong ciphers - the ciphertext which they produce is indistinguishable in practice from random data. Even sophisticated statistical analysis can't tell the difference.
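The following added Python illustration (not !Stealth's code) measures that claim with a byte-frequency chi-square test on an empty container, a container holding hidden ciphertext, and the plaintext itself. The SHA-256 counter-mode keystream is a stand-in for Blowfish, and the container size, fixed offset, passphrase and all names are assumptions made for the example.

```python
import hashlib
import os

CONTAINER_SIZE = 64 * 1024  # constructed size for the demo
PLAINTEXT = b"Constructed sample diary entry: meeting notes and account list.\n" * 64


def keystream_xor(passphrase: bytes, salt: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (SHA-256 in counter mode), NOT Blowfish.
    XOR is symmetric, so the same call encrypts and decrypts."""
    key = hashlib.pbkdf2_hmac("sha256", passphrase, salt, 100_000)
    out = bytearray()
    for pos in range(0, len(data), 32):
        pad = hashlib.sha256(key + pos.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[pos:pos + 32], pad))
    return bytes(out)


def chi_square(data: bytes) -> float:
    """Pearson chi-square of byte frequencies against a uniform distribution.
    Uniformly random bytes score about 255 (255 degrees of freedom)."""
    expected = len(data) / 256
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return sum((c - expected) ** 2 / expected for c in counts)


def hide(container: bytearray, offset: int, ciphertext: bytes) -> None:
    """Overwrite part of the random fill with ciphertext, keeping the size."""
    if offset + len(ciphertext) > len(container):
        raise ValueError("ciphertext does not fit in the container")
    container[offset:offset + len(ciphertext)] = ciphertext


def demo() -> dict:
    empty = bytearray(os.urandom(CONTAINER_SIZE))  # container with nothing hidden
    used = bytearray(os.urandom(CONTAINER_SIZE))   # container with one hidden file
    ct = keystream_xor(b"constructed passphrase", b"constructed-salt", PLAINTEXT)
    hide(used, 4096, ct)  # offset chosen arbitrarily for the demo
    return {
        "plaintext": chi_square(PLAINTEXT),
        "empty container": chi_square(empty),
        "container with ciphertext": chi_square(used),
    }


if __name__ == "__main__":
    for label, score in demo().items():
        print(f"{label:28s} chi-square = {score:10.1f}")
```

The plaintext scores in the thousands because most byte values never occur in it, while both containers score close to 255 and cannot be told apart by this test.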

In the final article in this series I shall describe the RISC OS versions of PGP and GnuPG, the standard programs for secure e-mail over the internet.