Encrypt/Decrypt Beginner Questions

Question

I've never done any encryption or decryption, so I decided to jump in and try to make something similar to FolderLock. The following questions are mostly design questions, but have some coding questions mixed in.

http://www.newsoftwares.net/folderlock/

Regardless, I'm at the initial stages and had a few preliminary questions.

1. When you encrypt a folder, you are really encrypting all files inside the folder, and not the folder itself, as a folder cannot be encrypted. Is that correct?

2. Also, I have written my encrypt/decrypt code, but I want to incorporate a password along with that. My plan is to, when the user selects a folder/file for encryption, have them set a password that will be linked to the key needed to decrypt the folder/file. Good idea or bad idea? Anyone have a better suggestion? I'm debating having one password for the program itself that would unlock any encrypted file/folder as well...

3. How do I change a folder in Windows 7 (that I have encrypted) to ask for a password when it is opened, rather than just opening and showing all the encrypted files?

4. Lastly, when you encrypt a file, (with how my code is written currently) you end up with the original file that you encrypted and the encrypted version of that file. I'm sure I know the answer to this, but do I delete the original version and leave the encrypted version? What if, for some reason, the decrypt fails and I don't have a backup of my file? Should I create file backups as well?

Thanks for any help! I did attempt to google search the above questions, but it seems most people who are doing this are at a much higher level than me, so I didn't find many helpful answers.

EDIT: Let me just explain that while I'm trying to create something similar to FolderLock, this is ONLY for my education. I'm not trying to create a commercially viable application, just doing something fun and learning at the same time.

Answer 1

1. A folder is just an collection of files. As far as your application may be concerned, it can just encrypt the contents of the folder.
2. You should use the password to derive the key. In .NET you can do that with Rfc2898DeriveBytes. This means you aren't even storing the key. The password is the key. Never keep the key yourself if you can avoid it. That way, the ONLY option for an attacker is brute force; reverse engineering would not produce anything useful.
3. You'd probably have to write a shell extension to do that. That's entirely a different subject. (I hope you are comfortable with COM Interop / PInvoke).
4. This all depends on how much "verification" you want. You could, for example, compute a SHA-256 hash of the original file; encrypt it; then decrypt it; hash the decrypted file; and make sure the hashes match. The trick will be doing all of this as an atomic operation. You may also want to store the SHA-256 of the unencrypted file (even after to remove the unencrypted contents) so that when you decrypt it later; you can verify it was done correctly. You're using the hash as a checksum in this case.

Answer 2

How you encrypt files and folders is not a question with a single answer. You can encrypt files in roughly three different levels when we are talking about a Windows environment:

1. Hard disk Encryption: In this case you encrypt the full harddisk and this means that the disk as a whole is encrypted. BitLocker is an example of this. In this case you encrypt everything except the master boot record. Every byte that gets written to the harddisk is encrypted, including the operating system.

2. Filter Driver or File system Encryption: You can write your own filter driver or filesystem driver to encrypt and decrypt files selectively and transparently as they're written to disk. Most business targeted encryption solutions offer this kind of functionality. Microsoft have their own solution in the form of Encrypting File System. The benefit of this is that it is much better integrated with the OS, the encrypted files and folders look like normal files to all the other applications. TrueCrypt is another program that does this kind of encryption, and it's open source so you might want to take a peek at it.

3. Application Level Encryption: You can also encrypt files as I would like to call, on the application level. You can't get further than this level if you don't write your own filter driver. This means that you encrypt a file, in a similar way that you would compress it with say, WinZip. The encrypted file is visible to other applications as a file of a different format, not the original format. Essentially it's not much different than compressing a file with WinZip/WinRAR, except instead of compressing you encrypt it. If you would compress a folder with WinZip, it would still be compressed into a single file. Same with encryption if you would do it at this level. You can write shell extensions for Windows Explorer that would make it "look" like a folder, but in essence it would still be a single file, and you would not be able to "save as.." into that folder from another application. You would also probably need to offer a GUI for browsing a folder if you double click that file, for example.

I assume that you are looking to write an application that is going to do encryption on the application level. In this case you should be aware of the limitations of this approach as I mentioned above.

As for your questions:

1. You can encrypt the folder into a container, again think WinZip/WinRar, or you can encrypt each file in the folder individually into their seperate file.

2. For password / key usage, my recommendation is to have a random key to encrypt the actual data. Then you encrypt this key with keys derived from one or more passwords, in separate keyslots. This will allow you to have multiple passwords for a file. As for algorithm, I recommended AES-128, as it is a well proven and very fast algorithm. To use AES you need to create a key and IV that are of a specific length (128 bit each of AES-128). The best way to create these keys is to use Rfc2898DeriveBytes with an actual password that is input by the user. Don't forget about HMAC which you should use to verify that the actual decryption of the file was correct. You can use HMAC to only verify that the random key was decrypted correctly, which means you don't need to run HMAC over the whole content.

3. For this you would need to write a shell extension, but this will only get you so far. You won't be able to save a file from word into your encrypted folder for example, as this will in reality be just a container format for encrypted files.

4. I would suggest that you leave it up to the user to create backup of files. Any files deleted also should be wiped securely, as a simple delete is not enough to remove all the traces of a file from the filesystem.