Why would you want to do this?
More and more governments are writing laws to enforce suspects to give up their passwords. This would
not be so bad, weren't it for the fact that they are suspects. They may not have done anything. So what
if they forgot their password? Or store data that looks encrypted, but is simply random?
The law is already in effect in Great Britain. If you don't tell your password for anything they
think is encrypted, you face up to 5 years of jail. Right now, Dutch lawmakers are looking to implement something similar.
That's why I made this tool. It generates passwords for random data (or data that otherwise looks encrypted), and can also
be used to to protect real data by generating multiple passwords for one file. One of the passwords is
the real one, others result in fake data.
What if the police thinks you have a second password? Simple: you give them another fake. There is
no way for them to know how many password you've generated. Or perhaps you've already complied to
the law by providing one.
Okay, let's dive a little deeper into how this works. Typically in a symmetric encryption scheme, we have three things:
Data that you want to keep private or secret (referred to as "the data" or "the original")
The encryption of this data ("encryption")
Something that unlocks the encryption ("key" or "password")
With the data and key you can generate the encryption. With the encryption and key you can generate the data.
And with Secrypt, you can also generate the key using the original and the encryption.
Because the data is private, you'll want to delete it and store the encryption and key seperately.
Keep in mind that encryption + key = data.
Data is the decryption (because after using the key on the encryption, you can call it the decryption).
So to have multiple keys for one encryption, you will also have multiple versions of the data, and one of
these versions is the original one. Therefore you need to tell the algorithm which decryptions you want the
keys to have. One key will unlock the original data, the other keys will unlock whatever you want them to.
The encryption and the correct key are both the same length as the original data. If you generate another decryption
which is shorter or longer than the data, it's trivial to see it's a fake. Why? If you give the encryption with
a fake key to someone, they know the length of the encryption, and thus the length of the original data, and thus
how long a key should be. This is why it's smart to make all decryptions the same length as the encryption,
then all keys will have the same length and it's impossible to know (assuming that your decryptions make sense)
whether any key is a fake or not.
If you have any further questions, feel free to contact me!
Decrypt your file with a password
Or someone else's file, of course.
Generate a decryption for some file
Note that the file can technically be anything: random data, encrypted data, an unencrypted Word document, images...
Encrypt a file and generate multiple passwords
Note: I cannot stand in for the safety of this tool for protecting real data; it has not been analysed by anyone besides myself.
I believe it is fairly safe, albeit impractical with large amounts of data, but you still shouldn't ever trust a single person's opinion
on cryptography. Doing crypto correctly is hard.
Perhaps it's an idea to encrypt your data with AES or something, then using the "Generate a password for a file that is not encrypted"-tool
to obtain one or more fake passwords for it.