I have released the next version of Text Shredder which incorporates some tweaks and features from peer review of users of the application on the internet.
The release notes are as follows :
- Added a HMAC to the encrypted message. The ciphertext + original salt is HMACed using the AES key. When the message is decrypted, the HMAC is recomputed and compared to the original. If it doesn’t match then the message has been corrupted or tampered with.
- Removed BCrypt from the internal password hash. After peer review it was deemed unnecessary as a PBKFD (Rfc2898) is used with 70,000 iterations to generate the AES key.
- When setting up the AesCryptoServiceProvider, make the cipher mode and padding schemes more apparent. This application uses AES set to CBC mode with PKCS7 padding.
- Add a word wrap option to the file menu. This enables/disables word wrap on all the text boxes.
- When the user first loads up Text Shredder, show an upgrade warning stating that their message recipients must be using the same version of the tool. They can click on a “Do not show this again” checkbox to disable the warning then they next run the program.