I have been designing a civil solution for keeping a couple of encrypted files on multiple devices for my wife and myself. These files would contain our personal information, such as VIN numbers, account numbers, etc. for use as we travel around town and do business. It's important to us to always maintain control over our information, and to never let it pass in plain text over the internet.
I found a nice data hosting service that will encrypt files locally before uploading, but as a civilian, I have no guarantee that is what the software is doing. I would like to be able to use a separate tool to encrypt my files, then launch them into the cloud for storage.
Here's the problem, though. I can't seem to find an encryption/decryption tool that will run on Windows (7), Mac (10.x), and Android (2.x and up). We have multiple desktop systems for various uses at home, and multiple Android devices for various uses as mobile devices (new smartphones being the newest addition to our growing stable).
Here's my question:
Could AES Crypt be used to encrypt a file (say, text or Word) on one device, then that file be stored using inline encryption in the cloud, then downloaded (and decrypted inline) to an Android device, then finally decrypted out of AES Crypt?
I would like to be able to use a standalone copy of AES Crypt on each device to encrypt/decrypt/access this common file on each various device, requiring that only the password be known to the user of the device.
Wouldn't that require a standalone version of AES Crypt for Android?... and, may I kindly request such a version?
Or, are there problems with this plan that I have missed?
Thank you.
Bohamut
Android Version?
- paulej
- Posts: 593
- Joined: Sun Aug 23, 2009 7:32 pm
- Location: Research Triangle Park, NC, USA
- Contact:
Re: Android Version?
AES Crypt certainly aims to be cross-platform and it's definitely open. Unfortunately, we do not have an Android version. Perhaps if somebody in the open source community wanted to tackle that as a project, it might be well-received. As of now, though, nobody has volunteered to take on the task.
Re: Android Version?
Perhaps I can persuade you?
From the Android Developer website:
Android will ship with a set of core applications including an email client, SMS program, calendar, maps, browser, contacts, and others. All applications are written using the Java programming language.
And from the Packetizer/AES website, a link:
AES Crypt source code and binary (Java)
It might be easier than you think.
It also might be harder than I think, not being a programmer myself...
Thanks, again.
From the Android Developer website:
Android will ship with a set of core applications including an email client, SMS program, calendar, maps, browser, contacts, and others. All applications are written using the Java programming language.
And from the Packetizer/AES website, a link:
AES Crypt source code and binary (Java)
It might be easier than you think.
It also might be harder than I think, not being a programmer myself...
Thanks, again.
- paulej
- Posts: 593
- Joined: Sun Aug 23, 2009 7:32 pm
- Location: Research Triangle Park, NC, USA
- Contact:
Re: Android Version?
In order to use the Java code, one must have Java libraries that are only available from Oracle (formerly Sun). That is the code that actually performs the AES Encryption. To port AES Crypt to Android, we would have to have some publicly available source code to replace the calls into the Oracle libraries.
Even then, that's just part of the work. One still need to write the program to work with Android. Doing the encryption is just part of it.
It would be a fun project, unfortunately I don't have time to work on it. Nothing can really persuade me, since no time == no time Perhaps one day when I find time, I might take on the challenge, but it will not be soon. That said, AES Crypt is the collective effort of several individuals. Perhaps one of the other contributors or even a new contributor would like to make it happen. It would certainly be a useful tool, no doubt.
Even then, that's just part of the work. One still need to write the program to work with Android. Doing the encryption is just part of it.
It would be a fun project, unfortunately I don't have time to work on it. Nothing can really persuade me, since no time == no time Perhaps one day when I find time, I might take on the challenge, but it will not be soon. That said, AES Crypt is the collective effort of several individuals. Perhaps one of the other contributors or even a new contributor would like to make it happen. It would certainly be a useful tool, no doubt.
Re: Android Version?
I just tried the Java code with Android for kicks, and it compiles fine, except that the NetworkInterface.getHardwareAddress() call does not exist in the Android Java library, but there are other unique values that can be used for seeding the PRNG on Android.
But, as Paul points out, having an encryption routine does not make it an Android app.
I can probably make a small open-source app with a little text box and a file browser that will read/write encrypted text files, stored on the SD card. You can then use whatever other tool to upload/download the encrypted files. But there are already a large set of apps on Android that does something similar, but using other file formats: http://www.androidzoom.com/android_appl ... +text+file
Some candidates that look promising:
APG => https://market.android.com/details?id=o ... ndroid.apg
Encrypted Notepad => https://market.android.com/details?id=net.ivoras.enotes
Unless there is some specific reason to use AESCrypt (other than that it is cool ), I would say that rolling yet another encrypted notepad app is not worth the time.
But, as Paul points out, having an encryption routine does not make it an Android app.
I can probably make a small open-source app with a little text box and a file browser that will read/write encrypted text files, stored on the SD card. You can then use whatever other tool to upload/download the encrypted files. But there are already a large set of apps on Android that does something similar, but using other file formats: http://www.androidzoom.com/android_appl ... +text+file
Some candidates that look promising:
APG => https://market.android.com/details?id=o ... ndroid.apg
Encrypted Notepad => https://market.android.com/details?id=net.ivoras.enotes
Unless there is some specific reason to use AESCrypt (other than that it is cool ), I would say that rolling yet another encrypted notepad app is not worth the time.
- paulej
- Posts: 593
- Joined: Sun Aug 23, 2009 7:32 pm
- Location: Research Triangle Park, NC, USA
- Contact:
Re: Android Version?
There are some good reasons for wanting an Android app that reads/writes the AES Crypt file format. I'd like to have one myself. Where I would like use AES Crypt for Android is when transferring files to the phone or tablet via services like Dropbox, and doing so without the fear that somebody might hack into my Dropbox account and/or convince a customer service rep to hand over the password.
Re: Android Version?
Paulej, you are quite correct that using a single file from Dropbox would make storage of AES encrypted private information a breeze for remote users. That was what I hoped to find.
Kenkendk, Thanks for the pointers to alternative solutions. I am, in fact, currently using APG for the Android end of this system. It's working okay, but could be a little simpler for the end-user to invoke decryptions.
Insofar as writing another notepad app, perhaps AES Crypt for Android could hook an existing file browser (such as Astro, an excellent product) for its file management use, and also call an existing text editor for base file creation and display (Jota is also an excellent choice). I suspect this would simplify the task of producing an Android version of AES Crypt, but, again, I'm not a programmer, so I really don't know if this idea would work.
My current goal is to administer the Private_File information from one desktop system, encrypt it, then overwrite the existing file in whatever single location is accesible to all devices. This makes administration of the base information much easier, since only one system needs to be bulletproofed for local storage and processing, and the others can use the AES file on a (hopefully) secure, as-needed basis, deleting the file when the current access/task is complete. This method should lessen the possibility of the unencrypted file falling into the wrong hands.
The only other piece of this puzzle would be a sniffer program running on each client to intercept malware attempts to tap into AES Crypt, or to sniff the system bus (or some such method) in order to get access to the private information. Of course, that is an entirely different project, and not a simple one.
Once again, Thanks!
Bohamut
Kenkendk, Thanks for the pointers to alternative solutions. I am, in fact, currently using APG for the Android end of this system. It's working okay, but could be a little simpler for the end-user to invoke decryptions.
Insofar as writing another notepad app, perhaps AES Crypt for Android could hook an existing file browser (such as Astro, an excellent product) for its file management use, and also call an existing text editor for base file creation and display (Jota is also an excellent choice). I suspect this would simplify the task of producing an Android version of AES Crypt, but, again, I'm not a programmer, so I really don't know if this idea would work.
My current goal is to administer the Private_File information from one desktop system, encrypt it, then overwrite the existing file in whatever single location is accesible to all devices. This makes administration of the base information much easier, since only one system needs to be bulletproofed for local storage and processing, and the others can use the AES file on a (hopefully) secure, as-needed basis, deleting the file when the current access/task is complete. This method should lessen the possibility of the unencrypted file falling into the wrong hands.
The only other piece of this puzzle would be a sniffer program running on each client to intercept malware attempts to tap into AES Crypt, or to sniff the system bus (or some such method) in order to get access to the private information. Of course, that is an entirely different project, and not a simple one.
Once again, Thanks!
Bohamut