Back to Homepage
Homepage Research Technology Publications About Author Contact

  VMPCrypt 4 Specification


Register
VMPCrypt




Download free VMPCrypt



Specification of
VMPCrypt




Help



Contact



About the application



Press publications about VMPCrypt




What's new in VMPCrypt 5 - release in May 2013:

1. Simplification of the navigation in the Encrypted Book. The Book enables to safely store and ogranise any private text information of any length (logins and passwords, contacts, addresses, notes, etc.).

  • 1.1. Easier access to the Encrypted Book. A new "Book" button is now always visible in the top-right corner of the application's main window both in text and file mode.
  • 1.2. Folder search function was added.
  • 1.3. Improved document search function.
  • 1.4. The interface of copying and moving documents between folders was simplified.
  • 1.5. Improved sorting of the marked documents (the marked or found documents and folders can be placed at the top of the list).
2. Improved display of the application window in non-standard Dots Per Inch screen settings.

3. The non-full-screen display mode now adjusts its initial size automatically to 75% of the screen height.

4. Decryption of files from archive to user-selected folder - a "/Decrypt" subfolder of the folder in which the archive file is stored is now proposed as default.

5. A button moving the cursor to the top of the document in text mode was added.

VMPCrypt 5 is fully compatible with the previous versions of the application. Any data encrypted with the previous versions of VMPCrypt can be decrypted with the 5 version.

All owners of the previous VMPCrypt versions can receive a free update to the 5 version.



What's new in VMPCrypt 4 - release in November 2009:

1. From version 4 the name of the application is changed from VMPC Security to VMPCrypt.

2. Adding the encrypted book which allows to store and organise all sorts of text documents in a single encrypted database.

3. Extension of the function of remembering the key to all modes of operation. Now working with large numbers of files, archives, books, texts encrypted with the same key is very comfortable because it is enough to enter the password only once.

4. Adding the drag and drop mechanism. Now files to encrypt and decrypt can be dragged and dropped from Windows explorer.

5. Adding the function of searching files/folders and searching in the text.

6. Improved graphics.

7. Adding the function of saving the settings of the application. Now the application can be better adjusted to individual preferences.

8. New function of creating archives with filename containing the current data and time - comfortable for regular archiving of data.

9. Introducing the default folder which enables to easy decrypt and later wipe files without selecting the folder each time.

10. Improved intuitiveness of the key-input procedure and generating keys from random mouse moves.

11. New ability to run the application from command-line (e.g. from a .bat file). This function can be useful e.g. for automatic encrypted backup creation.

12. Assessing the security level of the entered passwords in real time while typing them.

13. Version 4 also contains a large number of small improvements - a total of over 100 changes compared to the 3 version.

VMPCrypt 4 is fully compatible with the previous versions of the VMPC Security application. Data encrypted in versions 1,2,3 are fully supported by VMPCrypt 4.




What's new in VMPC Security 3 - release in January 2009:

1. Adding the one-to-one encryption mode where a separate encrypted copy is created for each file.

2. Adding the function of changing the archive's encryption key.

3. The module generating secure passwords from random mouse moves was simplified - mostly in the area of saving the generated passwords.

4. Improved text encryption module - mostly in the area of making it easier to work with encrypted text files.

5. Improved function of viewing folders on disk and the content of encrypted archives.

6. Improved function of using multiple passwords to one encryption.

7. Improved function of selecting folder in which to save the encrypted archive.

Version 3 is fully compatible with the previous versions of the VMPC Security application. Data encrypted in versions 1 and 2 are fully supported by version 3.



Main functions of the VMPCrypt 4 application

1. Encryption strength - up to 512 bits.

2. Encryption in many-to-one mode - selected files and folders are stored in a single encrypted archive file comfortable to send or archive.

3. Encryption in one-to-one mode - a separate encrypted copy is created for each selected file.

4. Encryption of emails, text messages and encrypted on-line conversations.

5. Encrypted book - an encrypted database of text documents with flexible functions of organizing the documents in folders, copying them between folders and searching.

6. Generating hard-to-break passwords from random mouse moves. They can be used for encryption but also for other purposes, e.g. for secure logging to a bank account.

7. Possibility of using one key many times - data encrypted with the same key has different form each time.

8. Option of using multiple keys for a single encryption (the keys can be entered in any order). It enables to create mutual ciphertexts, which can be decrypted only if each person inputs her correct key.

9. Option of joining keys. It enables to use many passwords sent through different channels (for greater security) and to join them into a single key and use it for encryption.

10. Verification of data integrity. If the encrypted data was corrupted e.g. through transmission errors or a virus, the application would detect it upon decryption.

11. Option of creating self-decrypting archives in EXE files - the application is not needed to open them, it is enough to know the password.

12. Option of splitting archives into smaller files of any size so that it is possible to copy a big archive e.g. to CDs.

13. Option of editing archive content - it is possible to actualize, add, and remove files/folders from existing archives.

14. Option of automatic compression of files before encryption so that they take less space.

15. Option of automatic wiping files from disk after encryption so that no trace of them is left and their recovery is not possible even in specialized labs. Possibility to choose up to 99 rounds of wiping.

16. Possibility to add a text comment to the archive.

17. Comfortable system of current help displaying explanations to each function of the application after pressing right mouse button on the button we are interested in.

18. System of self-control. At startup the applications analyses its structure to detect any changes caused e.g. by a virus or disk damage.

19. Possibility to send encrypted data to recipients who don't have VMPCrypt installed thanks to the free Decryptor, available at our website.

20. Mode of operation without encryption as a flexible file / folder archiver (similarly to WinZIP or WinRAR).

21. Ability to run the application from command-line (e.g. from a .bat file)

22. Possibility to run without installation directly from a CD or a pen-drive - you can have the application always with you.

23. VMPCrypt works under Microsoft Windows 98/ME/2000/XP/2003/Vista/7 operating systems.

24. Free technical support through a
form at our website.




Detailed characteristics of the application


Technical specification (advanced)

1. The application offers very flexible functions for encryption of files and folders on local and network drives and easy encryption of text messages with a quick function of transmitting them through email.

2. The application employs a very efficient and secure encryption algorithm based on the VMPC one-way function, the VMPC Stream Cipher, presented at an international cryptography conference Fast Software Encryption 2004 in Delhi, India (FSE'04), along with a message authentication scheme VMPC-MAC and the VMPC-KSA3 key initialization algorithm.

3. The application has an advanced module for generating keys up to 512 bits. The module ensures full use of the security advantages of the employed encryption algorithms and also allows to use the generated keys (passwords) to external purposes like logging in to Internet services or creating digit combinations for safes. The module generates very high quality keys from entropy derived from random mouse moves. It also enables to use multiple keys for one encryption and to join multiple keys into one.


Encryption of files and folders:

4. Encrypted files and folders are stored in an archive file.

5. An archive file is encrypted in 100%. File names and all headers are encrypted. This way, the whole archive file is practically indistinguishable from a stream of truly random data, which enables to hide the very fact of using encryption.

6. Critically important headers are stored in two copies (each encrypted with a different initialization vector, which makes both copies look randomly different). This allows to open and decrypt the archive even if the archive is locally damaged.

7. Archives can be saved in self-decrypting format, as EXE files (applications). To decrypt such archive it is sufficient to know the correct key and a copy of the VMPCrypt application is not needed. This creates high portability of the archives.

8. Archives can be automatically split into files of any size, so that it is easy to store big archives on lower capacity media, like DVDs, CDs or floppies.

9. Files can be optionally compressed before encryption with the ZIP algorithm.

10. Archives contain information about the original location of all the encrypted files/folders, therefore it is possible to decrypt them to the original location without specifying any additional information. It is also possible to decrypt to any other user-selected location.

11. It is possible to store any automatically encrypted text comment in the archive, e.g. an additional information about the archive's content.

12. The application enables to view archive content, decrypt any files/folders stored in the archive, remove, add new files/folders to the archive and overwrite the ones already existing in the archive with new ones read from disk.

13. The process of storing data in the archive is secured against power failure. Data loss due to power failure is never possible with the VMPCrypt application. Original files are wiped only after the archive has been successfully created and test-opened. The archive update operation creates a new fully encrypted archive and copies the content of the original archive to the new one, along with applying the selected modifications. These mechanisms ensure that in case of a power failure during the operation - either the newly created archive or the original data - will still be accessible.

14. The application is very efficient. Encryption of files is approximately 30% faster than their only copying in the Windows operating system.

15. It is possible to unrecoverably wipe the encrypted (or individually selected) files/folders from disk. The original file content is overwritten with pseudorandom data from 1 to 99 times (user-selected).


Encryption of texts and email:

16. The application has a built-in secure text editor, which does not create temporary files.

17. After encryption, the ciphertext is automatically transformed into the Base64 text-format, which enables easy transfer of the ciphertexts through email, saving it in a text-file or printing.

18. Encrypted texts can be sent as email messages at one button click using the user's default email client application (e.g. Outlook Express).


Key Generation Module:

19. The application enables the use of both: classical passwords entered from keyboard and keys generated from random mouse moves (recommended method).

20. Generating keys from random mouse moves enables to generate keys practically indistinguishable from random data streams. This significantly increases the complexity of breaking such keys.

21. The application enables to use multiple keys for one encryption. This allows e.g. to create archives that only a full group of people have access to. Decrypting the archive is possible only after inputting all the keys, in any sequence. In case when even only one key is missing, the knowledge of the remaining keys does not decrease the complexity of breaking the missing key.

22. The application enables to join keys. This allows to use multi-channel key-agreement protocols, where the keys are transmitted through different channels (e.g. SMS, phone, fax, personally, post, PKI, etc.) and to join all the keys into one accumulated key, further used for encryption and decryption. In case when even only one key is missing, the knowledge of the remaining keys does not decrease the complexity of breaking the missing or the accumulated key.

23. An approximate time required to break the generated/input key by two kinds of supercomputers is automatically displayed to help choose the key length appropriate for a given encryption task.

24. A key visualization function is available, which displays the key in enlarged format. This makes it convenient to verify whether the key was input correctly or store the key on any media, like a sheet of paper or taking a photograph of the screen.

25. The application offers an advanced key saving option on floppy disks (or any other media) which is resistant to local damage of the disk. The key can be saved in multiple copies, separated by a selected size space, which may enable to recover the key from a partially damaged disk. It is also possible to save the key together with a characteristic header, which can allow to find and read the key from a seriously damaged disk.

26. The application remembers keys saved on hard drives and proposes to wipe them at application startup (keys should be saved on removable media for security reasons, however temporary storing them on hard drives can be useful, e.g. to enable copying them to removable disks like CDs, DVDs or floppies).


Other features of the application:

27. Thanks to the free decryption utility, available at our website, it is possible to send encrypted data to recipients who don't have the VMPCrypt application. This applies to sending encrypted files/folders as well as emails.

28. Thanks to the VMPC-MAC message authentication algorithm, automatically applied to each encryption by VMPCrypt, all changes to the ciphertexts (which might occur e.g. due to transmission errors or adversarial activities) are automatically detected and communicated upon decryption.

29. The application has a system of self-control. Each time the application is run, a MAC checksum of the EXE file containing the application is computed. Even if one bit of the application was changed or was added to the application's EXE file (e.g. by a virus), it will be detected at application's startup. In such a situation an information about the corruption will be displayed but the application will keep running.

30. The application has a system of current help - pressing right mouse button on each function-button or any other object displays a detailed information about how it works.

31. The application has an innovative all-visible interface. It does not have a classical menu. All functions are visible on the screen, each has a detailed description available at right mouse button and each has a hotkey specified on the button. As a result, using the application is fast and easy.

32. VMPCrypt works under Microsoft Windows 98/ME/2000/XP/2003/Vista/7 operating systems.

33. The application does not require installation and can be run directly from the VMPCrypt installation CD. This allows to achieve both greater flexibility and security if the user wishes to hide the fact of using encryption. The application does not create any registry entries and does not create any unencrypted temporary files.





FSE 2004
Publication at International Association for Cryptologic Research (IACR) conference FSE 2004

Konferencje Enigma
Publications at National Cryptography Applications Conference Enigma 2004, 2005, Warsaw, Poland

WCTT
Award from Wroclaw Center of Technology Transfer at Wroclaw University of Technology

Software Developer's Journal
Recommended Project by computer magazine Software Developer's Journal



























Homepage  |   Research  |   Technology  |   Publications  |   About author  |   Contact

Copyright © 1999-2018 by Bartosz Zoltak