GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → RichardRMatthews → VSHG

RichardRMatthews / VSHG

Licence: MIT license
A standalone addon for GnuPG

Programming Languages

c
50402 projects - #5 most used programming language
shell
77523 projects

Labels

cryptographycryptogpgsymmetric-key-cryptographysymmetric-encryption-algorithm

Projects that are alternatives of or similar to VSHG

covert
An encryption format offering better security, performance and ease of use than PGP. File a bug if you found anything where we are worse than our competition, and we will fix it.
Stars: ✭ 20 (+11.11%)
Mutual labels:  crypto, gpg
Trezor Agent
Hardware-based SSH/PGP agent
Stars: ✭ 400 (+2122.22%)
Mutual labels:  crypto, gpg
Minisign
A dead simple tool to sign files and verify digital signatures.
Stars: ✭ 1,105 (+6038.89%)
Mutual labels:  crypto, gpg
gpg-serve-key
Serve a public/private GPG key over https
Stars: ✭ 30 (+66.67%)
Mutual labels:  gpg
SplitShare
Shamir's Secret Sharing Algorithm implementation in golang combined with PGP and a mail delivery system
Stars: ✭ 31 (+72.22%)
Mutual labels:  gpg
wp-pgp-encrypted-emails
🔐 📧 Encrypts WordPress emails using OpenPGP or S/MIME with a familiar API.
Stars: ✭ 35 (+94.44%)
Mutual labels:  gpg
airgap
Offline LiveUSB to generate and manage secret keys for things such as gpg, certificates, and cryptocurrency
Stars: ✭ 92 (+411.11%)
Mutual labels:  gpg
pgpverify-maven-plugin
Verify Open PGP / GPG signatures plugin
Stars: ✭ 42 (+133.33%)
Mutual labels:  gpg
keylist-rfc
🔏 turning the system behind GPG Sync into an Internet standard
Stars: ✭ 15 (-16.67%)
Mutual labels:  gpg
win-gpg-agent
[DEPRECATED] Windows helpers for GnuPG tools suite
Stars: ✭ 214 (+1088.89%)
Mutual labels:  gpg
mailserver
Simple and full-featured mail server using Docker
Stars: ✭ 88 (+388.89%)
Mutual labels:  gpg
CryptoKnight
CryptoKnight is a general purpose cryptography desktop app
Stars: ✭ 18 (+0%)
Mutual labels:  symmetric-key-cryptography
super-dollop
Encrypt your files or notes by your GPG key and save to MinIO or AWS S3 easily!
Stars: ✭ 58 (+222.22%)
Mutual labels:  gpg
openpgpkey-control
OpenPGP keys published on your website (WKD)
Stars: ✭ 36 (+100%)
Mutual labels:  gpg
rune
tool to query for tokens and passwords for use as environment variables
Stars: ✭ 13 (-27.78%)
Mutual labels:  gpg
sbt-gpg
Simple and secure artifact signing for sbt.
Stars: ✭ 51 (+183.33%)
Mutual labels:  gpg
GPGit
A shell script that automates the process of signing Git sources via GPG
Stars: ✭ 84 (+366.67%)
Mutual labels:  gpg
Limnoria
A robust, full-featured, and user/programmer-friendly Python IRC bot, with many existing plugins. Successor of the well-known Supybot.
Stars: ✭ 578 (+3111.11%)
Mutual labels:  gpg
TrezorSymmetricFileEncryption
🔒 Use your Trezor device to symmetrically encrypt and decrypt files
Stars: ✭ 16 (-11.11%)
Mutual labels:  symmetric-key-cryptography
keygaen
Sign, verify, encrypt and decrypt data with PGP in your browser.
Stars: ✭ 78 (+333.33%)
Mutual labels:  gpg
View All Similar Projects ➔

version issues forks stars License

VSHG - Hardware resistance & enhanced security for GnuPG.

VSHG aims to provide a memory / hardware resistant reinforcement to GnuPG's standared s2k key-derivation-function + a simplified interface for symmetric encryption .

screenshot

About VSHG

VSHG ( Very secure hash generator ) is a standalone Addon for GnuPG ( Gnu privacy guard ) . It is written as a shell script and is designed around the Unix/Linux filesystem and commands. VSHG uses the sha384 and the Argon2 hash function for the password and AES-256-CFB + CAST5-128-CFB in cascade for the final encryption.

And also a standard sha384 iteration count of 800 iterations + 15 & 500 iterations for Argon2i + d

It uses True random 12 byte salts . So even if your passphrase is very weak , it will reinforce it so that you don't have to worry about that anymore.

VSHG uses the last hash of the Iteration as session key for Gnupg. It also provides an Autodetection function for each file so that you don't have to remember either the salt or the iteration count.

Optionally you can use a key-file as authentication method.

Why is VSHG so secure ?

VSHG uses a true random salt for each encrypted file, so your Passphrase will always have a minimum of 12 bytes in strength. You could even use the same password twice for different files. The thing that makes VSHG so secure are the iterations. 800 iterations mean the output of the string is hashed 800x with its output. The more iterations the more security there will be. Even if you have the correct passphrase, but not the correct amount of iterations it will not be able to decrypt.

VSHG uses some of the most advanced forms of memory hard Key derivation functions which are Argon2i and Argon2d. The already iterated key will be passed through Argon2 a total of 515 times and therefore ensure the resistance against the biggest threats of Key derivation functions Namely: Graphical Processing Units, Field programmable gate arrays and Application specific integrated circuits ( GPU , FPEGA , ASIC ) .

The actual encryption is performed with the highest level of security possible in Gnupg.

-The string to key ( s2k ) hash algo ( which is the KDF of Gnupg ) was reinforced from sha1 to sha512.

-The s2k mode was set to 3 which means that an 8-bit salt is applied and then iterated.

-The s2k count was set to 65011712 which is the highest possible number of iterations.

-The s2k algo was set to AES256 and CAST5 in cascade.

The AES 256 encrypted file is securely deleted so that only the AES256(Cast5()) encrypted file is put out.

Why should I use VSHG ?

  • It is easier to use than GnuPG core.
  • Can encrypt folders by turning them into Zip files.
  • Someone that doesn´t have VSHG does not really have a chance of cracking the password.
  • True random 12 byte salt
  • choosable Iteration count.
  • choosable Salt.
  • choosable Keyfile.
  • True random Keyfile.
  • Very good resistance to side channel attacks ( e.g: timing attacks ).
  • Very resistant towards GPU based attacks
  • Can guarantee security even with relatively weak passwords ( > 5 characters ) ( if you have enough Iterations )
  • Autodetection of Salt + Iteration count for each file.
  • Military standard AES-256 encryption + the gpg standard CAST5 encryption.
  • Uses the gpg s2k mode 3 + sha512 with the maximum count of 65011712.
  • Erases Original file securely.

Download & Installation

  • Download as tarball

sudo wget https://github.com/RichardRMatthews/VSHG/archive/1.4.tar.gz

Or clone the repository

git clone https://github.com/RichardRMatthews/VSHG.git

  • Compile it yourself

sudo git clone https://github.com/neurobin/shc.git

cd shc

sudo ./shc -f -r /etc/VSHG/executable/src/VSHG_1.4.sh

sudo gcc /etc/VSHG/executable/src/VSHG_1.4.sh.x.c -O /usr/bin/VSHG

sudo VSHG

  • Run

sudo tar -xf VSHG-1.4.tar.gz

sudo chmod +x VSHG_1.4.sh

sudo ./VSHG_1.4.sh

Known bugs

  • Removal of original file will fail if there is a space in the path/name.
  • Encryption and zipping of folder will fail if the folder has a space in it's path/name.
  • Some temporary files like randomness are sometimes not removed properly after repeated usage.
  • problems with cleaning bash history

License

Code distributed under MIT licence.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].