Fausterize is a simple text encryption program. I wanted a encryption tool with high security and easy to remember passwords.
The password is a file, a file per document, i.e. fausterize employs a one-time-pad algorithm.
- licence: MPL 1.1
- platform: OSX, linux, unix, windows
- requires java 6
- lastest version 0.9.0 from 2010.04.11
- Simple password
- Simple well described alogrithm
- Nice ui
I was looking for an encryption tools and wondered what would happen if I change the computer / os or the company of the encryption tool would go away. I did not like the idea, but I like coding so I started fausterize. The algorithm should be simple, os and programming language independent that it could be rewritten from scratch on OS/2 and Befunge if some one wants to.
On the way I tried to think of ways to break the encryption.
java str -> byte (charset utf8) -> byte wise xor with Huffman encoded pad file -> byte wise translation to lines from faust
After all the regular encryption fausterize further encodes the bytes into lines of the novel faust by Goethe (thanxs to Project Gutenberg). This does not enhance security but it's neat. One positive effect is that the result could be send via email without triggering spam or virus filters.
Security or Let's break the Algorithm
- If the pad file is random enough and used only for one document the security is good enough
- How to allow any file as pad file ? zip it. Packing a file produces byte steams that are sufficiently random. If not there would be further packing possible.
- using java zip this is simple, but what if the java implementation changes slightly? use your own packaging, i.e. a simple Huffman encoding should do it.
- If someone has access to my machine and the pad file is one the machine how easy is it find the right pad file? Possible answers, add a password, never have the file on the same machine
The result of the decoding is either human readable text or garbadge. That allows a simple check based on mine-type content analysis if the pad file was correct.
- Summery: fausterize should be save enough to withstand statistical attacks or brute force attacks as long as the padfile is not on the machine.
- Corollary: don't forget the pad file
Issues are tracked in http://code.google.com/p/stroy/issues module: fausterize
- 85: undo/redo
- 96: README.txt
- 70: exe for windows
- 71: debian (unbuntu…) packages for linux
- 98: PAD files
- 95: fixed: fausterize 0.8 only starts on developer machines
- 84,91: handle files and pads in various states of readonly or not-readable including changes
- 90: save-as did not write before a change
- 92: pad testing: fausterize does a dummy check whether the pad is the correct one. It does not save the pad name anywhere. It analyses the decrypted text if it is text or binary.
- 93: highlander mode: as fausterize does not run reliably in multiple instances any further starts warn and exit.
- 68: allow more files
- 87: open recently - menu
- 88: std file and preference location
- 80: closed icon in closed
- 83: windows does not show file dialog
- 82: std menues, including nice color on all platforms
- 79: wrong pad destroys text
- 78: make real toggle button