Re: [orca-list] Accessible encryption
- From: Rastislav Kish <rastislav kish protonmail com>
- To: orca-list gnome org
- Subject: Re: [orca-list] Accessible encryption
- Date: Sun, 10 Jan 2021 18:02:29 +0000
Hi there,
besides other already mentioned options, there is also VeraCrypt, the
descendand of the legendary TrueCrypt, which is rumored to be forcibly
discontinued by NSA because of their inability to break its encryption.
Even though the rumors are most likely just conspiracy theories, the
fact is, that Edward Snowden, the well known whistle-blower, marked
TrueCrypt as problematic for secret agencies to break (Tc development
was ended shortly after this announcement), and there are recorded cases
of FBI and other authorities being unable to gain access as well in few
investigations.
VeraCrypt as already mentioned is based on TrueCrypt, fixing some of its
vulnerabilities and adding new security algorithms and features.
It supports 5 encryption algorithms (AES Rijndael, Twofish, Serpent,
Camellia and Kuzniechik), being not just able to use the algorithms
alone, but also combine them in pairs or triples, slowing down any
attack three times in case of the last option.
Multiple hashing algorithms are also supported, such as SHA512, SHA256
or Whirlpool, further adding the complexity of decryption process.
And finally, you can select a PIM number for each container, which is
able to increase the number of password hashing iterations and further
slow down any attack.
If you're new to this field, it may be also worth noting the system of
how VeraCrypt operates.
It works with .hc containers, special files, which you can imagine as
.zip files, just instead of compression, there is a really heavy
encryption protecting the data.
You can mount these .hc files through VeraCrypt like virtual filesystems
and operate there normally, like you would on USB, network drive or
another partition.
All modifications are encrypted and decrypted on fly, without any
noticeable delay.
When you're finished, you can simply dismount the volume, and noone can
access the data anymore without knowing the password.
This is the basic scenario of usage. There are quite a lot of features,
like hidden volumes (a volume with a decoy and a hidden part for cases
you were forced to reveal the password), whole disk / system encryption
(I have no idea, how accessible is this), using files as encryption keys
etc.
You can get VeraCrypt from its official site:
https://www.veracrypt.fr/code/VeraCrypt/
For Linux, I recommend the command line version. There is nothing to
worry about, the terminal interface is almost fully interactive, so you
don't need to remember any complicated parameters.
veracrypt --help will write out, besides special parameters, the few
commands you'll need, such as to create a new volume, mount a volume,
dismount a volume etc.
Also, while creating the volume, the challenge to write 300 random
characters on keyboard to randomize the numbers generator is somewhat
more realistic for us than waving a mouse above a window in gui version,
so this is another reason why I personally prefer tui here.
Best regards
Rastislav
On 10. 1. 2021 12:39, Reece O'Bryan via orca-list wrote:
good morning! Does anyone have recommendations as to Accessible applications that can encrypt files?
Somewhat unrelated, but I have a hunch that anyone answering the above question may answer this one as
well, but is there a possible way to make freenet accessible?
Thank you,
-Reece
_______________________________________________
orca-list mailing list
orca-list gnome org
https://mail.gnome.org/mailman/listinfo/orca-list
Orca wiki: https://wiki.gnome.org/Projects/Orca
Orca documentation: https://help.gnome.org/users/orca/stable/
GNOME Universal Access guide: https://help.gnome.org/users/gnome-help/stable/a11y.html
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]