I have released the next version of Text Shredder which incorporates some tweaks and features from peer review of users of the application on the internet.
The release notes are as follows :
- Added a HMAC to the encrypted message. The ciphertext + original salt is HMACed using the AES key. When the message is decrypted, the HMAC is recomputed and compared to the original. If it doesn’t match then the message has been corrupted or tampered with.
- Removed BCrypt from the internal password hash. After peer review it was deemed unnecessary as a PBKFD (Rfc2898) is used with 70,000 iterations to generate the AES key.
- When setting up the AesCryptoServiceProvider, make the cipher mode and padding schemes more apparent. This application uses AES set to CBC mode with PKCS7 padding.
- Add a word wrap option to the file menu. This enables/disables word wrap on all the text boxes.
- When the user first loads up Text Shredder, show an upgrade warning stating that their message recipients must be using the same version of the tool. They can click on a “Do not show this again” checkbox to disable the warning then they next run the program.
Added a HMAC to the Encrypted Message
One of the comments made during peer reviews was that there was no protection against corruption or tampering of the message over the wire. This means that if your message was intercepted and changed the application wouldn’t warn you on receipt of the cipher text. Now as part of the encryption process, the cipher text and random generated salt is used to generate an authenticated message code (HMAC) using the derived password that was used to encrypt the message in the first place.
Removed BCrypt from the Internal Password Hash
Another comment from peer review was that the step of using BCrypt to internally hash the passwords was not necessary when I am using a PBKDF like Rfc2898 (Password based key derivation function) to derive the encryption key. I have removed BCrypt from the implementation, but also when I use the PBKDF to create the encryption key I have increased it from 40,000 iterations to 70,000 iterations. This basically slows down the key creation process so that brute forcing becomes much harder.
Make the Cipher Mode and Padding Schemes More Apparent
Internally, Text Shredder uses the AesCryptoServiceProvider object in .NET to perform the AES encryption. AesCryptoServiceProvider is a FIPS certified implementation of the AES algorithm. One comment that was made during peer review was that it was not apparent from looking at the code what mode and padding scheme was being used. By default AesCryptoServiceProvider uses CBC (Cipher Block Chaining) mode and PKCS7 for its padding scheme. I havn’t changed the defaults, but I have explicitly set them in the code to make it more obvious to anyone looking at the code.
Add a word wrap option to the file menu
This is more a cosmetic feature than a main feature, but in the original version of Text Shredder, when you pasted text into any of the text boxes, the text would not wrap to the next line in the box. This was the same with the read only cipher text boxes. I have added a toggle for word wrapping to the File menu. This doesn’t affect the applications core functionality, but it purely cosmetic.
Show an upgrade warning
When you first load up version 1.1 of Text Shredder, you will see a warning dialog box stating that if you are sending someone a message who is running an older version of Text Shredder, that they will also need to upgrade to version 1.1. This is because the encryption scheme has changed slightly as described above.
If you don’t want this to display every-time you run Text Shredder, then there is a check-box on the dialog you can tick to disable the warning.