Cryptophile App
Thursday, August 1, 2013
Released new AES padding parameter to smartphones
Just to be safe, I released the new block padding parameter to crypt2phile and cryptxphile (for smartphones) likely running Android 2.x or similar. I don't know if op system upgrades to these platforms could cripple decryption, but I need to be prepared at least for the latest-and-greatest phone platforms in the future.
Android 4.3 upgrade...update
After more investigation (ref. previous post), I have determined that the app problem can be traced to lack of backwards compatibility between 4.2 and 4.3 regarding block padding used during Java encryption/decryption. Alas, this recent Google op system upgrade caused corrupted decryption output when using text that was encrypted prior to the upgrade...this error is not the app's direct fault.
I released a fix/work-around:
"Encrypt/decrypt block padding was not backwards-compatible after Android 4.2 to 4.3 op system upgrade!!! Technically: Changed app from using AES/CBC/PKCS5Padding to AES/CBC/PKCS7Padding. This makes your old, pre-upgrade encrypted folders 'decryptable' again, but leaves brand new folders (since your tablet received an op system upgrade) undecipherable. Sorry, but this was the best of the bad options available."
I released a fix/work-around:
"Encrypt/decrypt block padding was not backwards-compatible after Android 4.2 to 4.3 op system upgrade!!! Technically: Changed app from using AES/CBC/PKCS5Padding to AES/CBC/PKCS7Padding. This makes your old, pre-upgrade encrypted folders 'decryptable' again, but leaves brand new folders (since your tablet received an op system upgrade) undecipherable. Sorry, but this was the best of the bad options available."
Android 4.3 upgrade corrupted old files?
My Nexus 7 tablet was automatically upgraded to Android 4.3. This o/s platform contains, among other features, better disk management code called TRIM, which helps prevent storage fragmentation. After the Android s/w update (and subsequent platform reboot), I noticed some of my old encrypted data had been partly corrupted, and in one case, totally corrupted when the app's decryption step completed. The app did not report a decryption error, but the output was incorrectly decoded, especially at the beginning of the text block. Major mystery!!!
Sunday, July 28, 2013
Strengthened Clipboard Paste function
For smartphones, the AES+ and 3DES versions of the app have been updated with a more robust paste-from-Clipboard-to-Textbox logic. Note: This modification does not solve the insidious operating system error in older models of Samsung Galaxy phones. (The encryption apps designed for Android tablets did not require this update.)
Thursday, July 25, 2013
Clipboard crashes on Samsung affecting apps
From summer 2012, there has been a sleeping bug in the Samsung operating system that is intimately related to their proprietary Clipboard software code. Apparently, after repeated clipboard operations (some report the count as 20), the Samsung operating system is crippled...causing repeated system crashes/reboots. This is not the fault of any of the AES+ or 3DES apps released by this author. Use Google search and the keywords "samsung clipboard crash" or similar to research the scope of this problem.
From summer 2012, there has been a sleeping bug in the Samsung operating system that is intimately related to their proprietary Clipboard software code. Apparently, after repeated clipboard operations (some report the count as 20), the Samsung operating system is crippled...causing repeated system crashes/reboots. This is not the fault of any of the AES+ or 3DES apps released by this author. Use Google search and the keywords "samsung clipboard crash" or similar to research the scope of this problem.
Saturday, February 11, 2012
"Share" button replaces "Send SMS" button
The ability to forward encrypted text by using additional apps on the Android device has been added to all Version 3 releases. There was user demand that more than just the Message app be made available from the touch screen, so now Gmail (for example) can be easily exploited to transmit ciphered messages.
In addition, 2 very minor bugs were corrected that prevent the apps from gracefully rejecting corrupted messages from trying to be decoded/decrypted.
In addition, 2 very minor bugs were corrected that prevent the apps from gracefully rejecting corrupted messages from trying to be decoded/decrypted.
Wednesday, November 2, 2011
Source Code Revelation
The app's source code is the brainchild of the author and its release therefore remains a low priority objective. Note that the ability to peruse the app's software would not assist in deciphering purloined encrypted messages. It'd still take brute force methodologies to attack a coded string. I will add that it's no secret that the app's Unicode "Box Character" encoding system is only sugar coating and not secure. It would be the 3DES or AES algorithms (with tweaks) from the Java library that provides a measure of data security.
Subscribe to:
Posts (Atom)