-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathgui-instructions.txt
120 lines (93 loc) · 4.97 KB
/
gui-instructions.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
The gui.py uses easygui to create a simpler method of use for non-technical users.
1. Create codebooks (if you are the cryptokey issuer)
Select "Generate codebooks"
Select which codes to generate (usually All)
Select which format to generate
NOTE: You should pick ONE method of using this system:
A. Pen and Paper, using printed PDF or TXT format sheets that you physically cut out codes from once they are used.
B. Airgapped computer using the ECCS GUI and Pickle files.
Doing both and having multiple copies of codebooks would create the danger that the codes are not securely cleared from
all of them immediately once used. Multiple parties do not have to use the same method as messages encrypted on a computer
can be decrypted by hand, and vice versa, obviously excluding AES messages, but a single party should not mix them.
Generated codepads will be in the "codebooks folder" with names such as "2022-05-12_28834_auth.pickle"
The filename is obviously the date created, but also the key ID.
2. Select codebooks to use
Select "Select codebooks"
Enter the date and key ID that is in the filename, for example: 2022-05-12_28839_auth.pickle
Date: 2022-05-12
ID: 28839
ECCS-GUI will now use those codes
3. Menu options
AES Encrypt
Will ask you "Choose key mode"
Plain key: plain base64 key entered from paper or text
Pickle keys: .pickle file that will have the key wiped automatically after
Generate one: will generate and give you an encryption key and initialization vector, copy and save these
Enter your message
Will give you a PEM encoded message like following
-----BEGIN AES MESSAGE 82208 A1A2B1-----
PibfJjEUEv9KXPIe77k7jw==
-----END AES MESSAGE 82208 A1A2B1-----
The header contains the Key ID, the 2 key codes and the IV code, so you know that to decrypt you need the A1 and A2 key halves and B1 as IV from codebook 822308
You must not change the message header
AES Decrypt
Same as Encrypt but you input the encrypted message
AES File Encrypt
Same except AES Encrypt except you select a file instead of entering a message
The file will be encrypted and saved as [filename].enc
AES File Decrypt
Same as above but you select the encrypted file
Decrypted file will have the .enc extension removed
One Time Pad Encrypt
This requires pickle files
Will encrypt a simple text message (few special characters allowed, see CT46.png)
The resulting message will look like: 822080000156741233206175865947
82208: the codebook ID
00001: the pad ID
56741: the first 5 digits of the pad (not used for encryption, only validation)
233206175865947: the actual encrypted message
The encryption system uses the brevity codes to shorten the length of the message
The system will automatically wipe the used pad
One Time Pad Decrypt
See above, simply enter the encrypted message and the system will automatically decrypt it and wipe the used pad
Authentify
Enter a verification code (example: A01) and you will get the corresponding authentification code (example: M39KD), or vice-versa
The system will automatically wipe the used code
RSA-AES Encrypt
Requires RSA keys, a secret key (for the sender) and a public key (for the receiver)
Select your secret key and enter the password
Select the receiver's public key
Enter the message
The output will be encoded in base64
RSA-AES Decrypt
Same as above but you input the encrypted message
RSA-AES File Encrypt
Same except AES Encrypt except you select a file instead of entering a message
The file will be encrypted and saved as [filename].enc
RSA-AES File Decrypt
Same as above but you select the encrypted file
Decrypted file will have the .enc extension removed
Generate RSA Key
Will generate an RSA-PKCS key
Enter the key filename
Enter the key size, choose 2048 (safe), 3084 (extremely safe) or 4096 (practically unbreakable)
Enter your passphrase that will encrypt the file
File XOR-OTP Encrypt
WIP
File XOR-OTP Decrypt
WIP
Generate XOR-OTP Key file
WIP
Steghide Embed File
WIP
Steghide Extract File
WIP
Select codebooks: see above
Generate codebooks: see above
Securely wipe file
Uses shred to securely shred a file
DESTROY CODEBOOKS
Using shredcodes.sh this will securely wipe all codebooks, you will be asked for confirmation first. The script can also be run stand-alone.
TEST MODE TOGGLE
This is an UNSECURE debug mode which allows the re-use of codes, they will not be deleted from the files. Do not use this in a live environment. Controlled by "args_keeppad = True" in the code.
Exit