So you want to delete a file that was encrypted so that the user will never be able to recover it? Sorry we don't help with hacking activities like that.
Encryption and Secure Deletion
Hello! I was hoping to get some pointers on how to build my own encryption software that would also be able to securely delete the encrypted file if the password was entered wrong. I want to use 256 aes or similar encryption and possibly a 25 or more overwrite deletion. Long story short I'm proving to a friend that it can be done and I was figuring if I'm gonna take the time to make said program I might as well make it good.
- Status
- Not open for further replies.
1 - 8 of 8 Posts
Uhmm not hacking at all. It's my own file that I wish to encrypt. As stated I just want to learn what it takes to make a program to encrypt and also a program that does security measures for wrong passwords. How on earth is that hacking?
Doesn't sound practical to me.Hello! I was hoping to get some pointers on how to build my own encryption software that would also be able to securely delete the encrypted file if the password was entered wrong......................
One wrong character used in decrypting and the file is lost.
And I'd be missing quite a few by now
If you are worried about attempted cracking, simply use a more complex key and/or more powerful encryption.
You would need to write something better than veracrypt if you intend a do-it-yourself attempt at encryption, and I strongly suspect that would be an intense attempt even for expert coders.
You are new here and we don't know you.Uhmm not hacking at all. It's my own file that I wish to encrypt. As stated I just want to learn what it takes to make a program to encrypt and also a program that does security measures for wrong passwords. How on earth is that hacking?
Incorporate that concept into ransomware and it's no longer an innocent application.
Others have already said that we can't help you do that, and I'm not here to contradict that.
However, for reasons of education I thought it's worth mentioning one thing. In general, when we're designing encryption software, we want something that is secure against someone who has all the advantages except the password/key. This is Kerckhoff's principle: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge. That is, they know what encryption you're using, how your software works, what your encrypted data is (although obviously not what the unencrypted one looks like!) and so on.
Against such an adversary, what you are suggesting cannot actually be reliable, because they can always replicate your system without the defences. For example, they could use their own 256 aes decrypter which doesn't have the deletion code in place. Or they could just make a copy of the file (or the whole hard drive) before they guess the password!
However, you don't need to worry too much, since brute forcing an AES key would take longer than the whole universe has existed for! The bit that you are allowed to assume the attacker doesn't control is enough that you don't have to worry about panic deleting.
However, for reasons of education I thought it's worth mentioning one thing. In general, when we're designing encryption software, we want something that is secure against someone who has all the advantages except the password/key. This is Kerckhoff's principle: A cryptosystem should be secure even if everything about the system, except the key, is public knowledge. That is, they know what encryption you're using, how your software works, what your encrypted data is (although obviously not what the unencrypted one looks like!) and so on.
Against such an adversary, what you are suggesting cannot actually be reliable, because they can always replicate your system without the defences. For example, they could use their own 256 aes decrypter which doesn't have the deletion code in place. Or they could just make a copy of the file (or the whole hard drive) before they guess the password!
However, you don't need to worry too much, since brute forcing an AES key would take longer than the whole universe has existed for! The bit that you are allowed to assume the attacker doesn't control is enough that you don't have to worry about panic deleting.
Thank you both for the replies!
Yes I can completely see now where ransomware would be a big red flag with how I wrote the post which is dumb in my part. Sorry about that. I'm not at all a hacker nor do I want to mess up anyone's computer. I have had my pc fail before and lost some pictures and stuff that I'll never be able to get back sadly.
Thank you for the information about encryption that's actually wonderful to know. When you say they could just take the file or hard drive and use their own decryption software mind I ask how other encryption software hasn't all just failed due to someone making a universal kinda cracking software? Also if they new how all the keys worked and your coding to your program wouldn't it become much easier to reverse engineer the password?
I'm not even going to bother trying to make that program anymore because with the now thought of ransomware in my head I wouldn't want to give any jerk a head start if they took the program some how but I'm still exceptionally interested in learning about encryption if that's okay. :]
Yes I can completely see now where ransomware would be a big red flag with how I wrote the post which is dumb in my part. Sorry about that. I'm not at all a hacker nor do I want to mess up anyone's computer. I have had my pc fail before and lost some pictures and stuff that I'll never be able to get back sadly.
Thank you for the information about encryption that's actually wonderful to know. When you say they could just take the file or hard drive and use their own decryption software mind I ask how other encryption software hasn't all just failed due to someone making a universal kinda cracking software? Also if they new how all the keys worked and your coding to your program wouldn't it become much easier to reverse engineer the password?
I'm not even going to bother trying to make that program anymore because with the now thought of ransomware in my head I wouldn't want to give any jerk a head start if they took the program some how but I'm still exceptionally interested in learning about encryption if that's okay. :]
As Josiah (Ent) explained at the end of post #6, it's theoretically possible to crack AES but it would take billions of years !
See here for the gory details :- https://www.eetimes.com/document.asp?doc_id=1279619
There's talk of Quantum computers being able to do it in a reasonably short time but I'll believe that when I see it.
See here for the gory details :- https://www.eetimes.com/document.asp?doc_id=1279619
There's talk of Quantum computers being able to do it in a reasonably short time but I'll believe that when I see it.
1 - 8 of 8 Posts
- Status
- Not open for further replies.
Tech Support Guy
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
