 Master Key...Insertion, Enhancement, Derivation and Evaluation |
Speedcrypt offers two distinct protocols for entering Master Keys. The first, more rigid one, accepts the input of a Master Key through the Drag and Drop technique. The second involves classic input, meaning typing your password into a text box. You can visit this page on the website to learn how to enter Master Keys via typing. Regarding the Drag and Drop technique, the primary key should be stored on the hard drive or an external memory. The latter option is preferable and makes the key much more secure against potential keylogger attacks. Create highly complex passwords, as you can do this without the mnemonic effort required during normal typing. Let's now explore some advantages offered by this technique:
Enhanced Security: By using the Drag and Drop method, you minimize the risk of keyloggers capturing your Master Key. Keyloggers are malicious programs that record keystrokes, including passwords typed on the keyboard. Since you're not typing the Master Key directly, it adds an extra layer of security against such threats.
Convenience: Dragging and dropping the Master Key file or content is a simple and convenient process. It eliminates the need to remember complex passwords and type them accurately, reducing the chances of input errors. This method is particularly helpful when dealing with long and intricate passwords.
Overall, the Drag and Drop technique offers improved security and ease of use, making the process of inserting the Master Key into Speedcrypt more efficient and user-friendly.
Insertion
Enhancement
Derivation
Evaluation Insertion |
To insert the Master Key into the dedicated panel you need to have prepared a list of files to be encrypted or decrypted. Only then will Speedcrypt allow you to enter the password that will be used to encrypt or decrypt the specified file list. In the following example, we assume that you have a string of characters located at position F:\ which represents an external memory connected to your computer. You can use any text editor to create this file and save it with the given name. Once the file is created, make sure it is stored in the desired location, such as the F:\ drive or any other location you prefer. The name of the file will become our Master Key: WHzc95j@#Qn71!PxSU$.txt and when it is dragged into the appropriate panel, it will be interpreted by Speedcrypt as follows:
- F:\WHzc95j@#Qn71!PxSU$
It is important to note that the password is sufficiently strong, consisting of 22 characters. Once it is dragged into the Speedcrypt panel, the program will take it over and analyze the string to determine certain parameters and take action if necessary.
 Enhancement |
Whenever a Speedcrypt Master Key is inserted, it helps the user to make the key as strong as possible, transforming it initially with fill characters at the beginning and at the end of the inserted string. At the beginning of the string the references linked to the unit from which the Master key is dragged are cut. The Master Key undergoes a first transformation. The character relative to the membership unit is replaced with the standard suffix proposed by Speedcrypt ($%&). This is done not only for enhancement purposes but also for practical reasons. In fact, it would not be possible to confirm the starting position relative to the drive where the Master Key is composed because when using external drives on different computers, the reference letters would not match. It should also be noted that Speedcrypt employs a padding strategy for the entered Master Key, following the following approach:
- If the string is less than 16 Characters it is filled up to 16
- If the string is greater than 16 Characters and less than 32 it is filled up to 32
- If the string is greater than 32 Characters and less than 64 it is filled up to 64
- If the string is greater than 64 Characters and less than 128 it is filled up to 128
Filling is done via the Blake 256 HASH Function, which adds the characters needed to reach the above numbers. By doing so, Speedcrypt aims to strengthen even weakly composed Master Keys, minimizing the potential vulnerabilities that could compromise the security protocol. In our case the string is more than 16 Characters but less than 32. It is therefore necessary to fill the Master Key to 32 Characters.
 Derivation |
Once the Master Key has been strengthened it is subjected to the actual process of derivation through the HASH Function selected by the user. To perform the procedure a random SALT is generated to add to the string. Again the user will select the most appropriate generator. For our example we will rely on the generator Fortuna with Base 64 output and a derivation with Argon2id:
- The drive letter of the originating unit is replaced with the suffix: $%&:\WHzc95j@#Qn71!PxSU$ (24 Characters)
- The Blake 256 derivation function is executed: 6d921395ef706de203d7b0ceb5a5ed6296b6d2279e2a8d050712dc034d1a9022 (The first 8 characters will be extracted).
- They are added to the Master Key: $%&:\WHzc95j@#Qn71!PxSU$6d921395 (32 Characters)
- The SALT is now added: KFsfwSQTd4AXmX/L$%&:\WHzc95j@#Qn71!PxSU$6d921395 (48 Characters, Very Strong!)
- The new Master Key is derived using Argon2id: 3cf8da1d824d3da5656ed5adb68d101cfef5d5cd1eafcb0d6841e87fe5f56c26
It is the Master Key that Speedcrypt will use to submit files to the encryption and decryption process. Let's recap quickly, implementing the process within a scheme that we can organize into the following points:
- The Master Key undergoes a first transformation when it is inserted. The unit of ownership is replaced with the suffix $%&.
- Based on the number of characters that compose it, filling characters will be added, obtained from the Blake 256 HASH Function: 16, 32, 64, 128.
- The resulting string, with the SALT, will undergo the final transformation process through derivation with a HASH Function selected by the user.
Speedcrypt does everything to enhance and make your passwords very strong, but it is up to you to enter a Master Key that is as complicated as possible, bearing in mind that you don't have to type anything but simply drag. This makes it much easier to remember the passwords you want to use. It is important to note that the Master Key is first derived without the SALT. Therefore, if you create a weak Master Key, it will be vulnerable to attacks such as Rainbow Tables. It is highly recommended to read further explanations and additional examples provided in the integrated Speedcrypt Project guide within the program.
 Evaluation |
Immediately below the Button Bar, positioned on the left, is the panel for entering the Master Key called Drag your Password. In this panel, you can drag your password to start an encryption or decryption process.
As explained in the guide page, once the Master Key is entered, Speedcrypt takes custody of it and performs all the necessary steps to make it as robust as possible. After that, the entered character string undergoes an evaluation in terms of security strength:
 Labels |  Functions |
 Drag your password | Displays the number of characters making up the Master Key |
 Calculation Time | Display the time spent on the evaluation the Master Key |
 Crack Time | The time it takes to discover the Master Key |
 Crack Time Display | The time required to discover the Master Key calculated in seconds and more |
 Entropy | The calculation of the Bits of entropy in the Master Key |
| Score | The score assigned to Master Key |
Speedcrypt uses the famous evaluation tool called Zxcvbn to assess the strength of the entered Master Keys. This tool evaluates password strength using the same criteria as programs that crack them. Zxcvbn uses Pattern Matching and Conservative Estimation, recognizes and evaluates over 30.000 common passwords, common names, and surnames based on US Census data, popular English words from Wikipedia and TV, US Movies, and other patterns such as dates, repetitions, sequences, Keyboard Patterns, and l33t Speak.
Zxcvbn is a very good algorithmic alternative to the classic password composition policy: it is more secure, flexible and usable when a minimum complexity score is required instead of annoying rules such as the four mandatory elements in a password: Lowercase, Uppercase, Numbers, Symbols. For further detail and motivation, please refer to the USENIX Security '16 Paper and Presentation.
Note: Master Keys entered using the Drag and Drop technique are strengthened in the exact same way as those entered via keyboard typing. The difference between the two protocols is the method of input, and in the case of typed passwords, the ability to encrypt as many files as you want with just one Master Key.
When creating your Master Keys, if possible, do so on external mass storage devices, remembering that a Master Key can be the name of a file or a folder. Create strings that are as complex as possible. You can do this since you don't have to remember the characters, only their positions!