cpdu 0.3.82b

richard dhemoiv richardenciu at gmail.com
Mon Aug 24 15:14:55 CEST 2009 

Name: cpdu
Version: 0.3.82b
Type: KDE Security
Depend: 
License: GPL
Homepage:
http://www.modulux.org/projects/projects.html
More Info:
http://www.kde-apps.org/content/show.php?content=92074

Description:
 Cryptographic Data Utility
Cryptographic Package Distribution Utility
is a secure command line file encryption tool that
allows for archiving encrypted files
with secure memory allocation, zlib and bzip
compression

it currently supports the following ciphers
aes/rijndael: 256 bit key, 128 block
twofish: 256 bit key, 128 block
blowfish: 448 bit key, 64 block
cast: 128 bit key, 64 block
serpent: 256 bit key, 128 block
tripledes: 168 bit key, 64 block

aes is default cipher

it has more room for improvement and in the future
will allow transferring encrypted files over the
internet using a server and client implementation,
the tar file has bcp(brutal copy) along with it so
you can use that for now to transfer encrypted
files however no public key implementation has
been added so there must be an high level key
transfer method.

notice: logging disabled in this version due to an
undefined bug.


Changelog:
 0.3.1b:
added aes/rijndael cipher
bugfixes
0.3.2b:
minor feature enhancements
important bugfixes
0.3.32b-bf#1:
important bugfixes
added new ciphers
bf#1:another important bugfix
0.3.4b:
important bugfixes
added recovery directory/database:
all files specified for encryption are stored in a
recovery database as plaintext for now, the
permissions on the recover directory are set to
0(zero) and recoverydb files will not be able to
modified or read unless permissions are changed by
the user explicitely
added security mode: for encryption, 
the '--secure, -f' flag specifies to not store
encrypted plaintext files in the recovery database
for the session
0.3.4b-bf#1:
important bugfix
0.3.5b:
important bugfixes
added new option ' --masterkey, -m':
all encryption keys are written in a master key
list in the '~/.cpdu/.keystore' directory. any
encryption key used can be used as a session key
in a decryption session simply by using the '
--masterkey, -m' flag. the program searches for
the appropriate key based on hash data in the
encrypted file.
it is not encrypted internally but to make it a
point, it is "exportable" so you can save it when
you leave for a while to an external media/disk to
keep files safe. this way you will never lose your
encryption keys as well as making the program much
more useful.

an example is when we encrypt the file
'hackermeeting.mpg' with:
cpdu -ep hackermeeting.mpg -f
afterwards we can use the -m flag to decrypt with
the proper key without having to type it in:
cpdu -dmp hackermeeting.mpg
then you can cut/move the key list to an external
media for security.

remember to read the README-0.3.5b in the source
directory

0.3.5b-bf#1:
important bugfix

0.3.6b:
very important decryption bugfix
added generate random keyfile
added use file/keyfile for session key
bugfix

0.3.7b:
header information is now encrypted so margin of
security for cpdu is now high level in tandem with
compression primitive
base64 is disabled until bug is fixed

0.3.8b:
bzip compression added
bzip works but sometimes there is zero byte
truncation of files so i added a simple loop into
the decompression routine again. is there
randomization in bzip ? probably not...

bf-1: serious bugfix sorry but i didnt know about
somthing that could hurt alot of encrypted files,
its actually not that bad if you have encrypted
files without the compression flag and you get the
error truncation detected just do the following:
add // in front of line 665,
if ( vencrypt[0] > 0 ) decompress = 1; else
decompress = 0;
and make it
// if ( vencrypt[0] > 0 ) decompress = 1; else
decompress = 0;

then decrypt the files and then change the line
back to,
if ( vencrypt[0] > 0 ) decompress = 1; else
decompress = 0;

bf-2: improved encryption/decryption routine to
handle crypt blocks correctly

bf-3: improved progress info code

0.3.81b:
permission bugfix
progress update fix
client/server code in progress...

0.3.82b:
added create volatile key...
this option enables making low length/entropy keys
to full keyspace keys with secure random
(volatile) key data and commits the new volatile
key to the key database... this is dangerous if
you accidentally missplace the keydb or delete it
but accordingly makes all low entropy keys full
entropy and allows them not to be lost...
this is good key security/management practice and
makes the program much more secure

client/server code in progress... need coder help
if anyone wants to help me with it....

0.3.83b-cygwin:
latest version for cygwin and hopefully linux due
to not being able to utilize a linux machine. ive
been using windows for a while becuase my computer
had gotten stolen. archiveing updates have been
made like an auto naming feature for naming
archives with the first specified file specified
on the command line or the directory specified to
be archived if a directory is specified. also
there is a -A archive feature to manually specify
an archive name and if an extension is not
specified the ext. '.cpdu.ar' will be used. so -a
is for autonaming archives with first file entry
name and -A is for direct specification of an
archive name. also i added a wipearchdir, -W flag
for wiping encrypted archive directories after
archive creation. the entries are secure wiped....
progress updates have been made also as well as
program status updates iterating program status
while running




JOB RECOMMENDATION:
------
Praktikant Programmierung/Marketing
openDesktop.org - h i v e 01 gmbh - trainee
 http://www.KDE-Apps.org/jobs/?id=109
------
Trainee Software Entwicklung openDesktop.org - h i
v e 01 gmbh - trainee
 http://www.KDE-Apps.org/jobs/?id=370

more jobs: http://www.KDE-Apps.org/jobs/

More information about the Kde-announce-apps mailing list