miniLock - Drag-and-Drop Encryption
Drag-and-Drop Encryption miniLock
The encryption project named minilock, is a free and open-source program plugin witch lets anybody encrypt and decrypt files in seconds utilizing drag-and-drop interface. minilock offers a region where your files should be dropped and it works with all file types, from multimedia to documents and even items stored on a USB drive. You can also use it to secure your Dropbox or Google Drive.
The tagline is that this is file encryption that does more with less. It’s super simple, approachable, and it’s almost impossible to be confused using it Nadim Kobeissi
miniLock encryption program relies on asymmetric encryption, just like PGP, which requires two separate cryptographic keys, public key and private key, for encrypting and decrypting the information. Users share the public key with the one who wants to send them files securely, while the private key is always with the user protected. With miniLock, user just needs to enter a passphrase, from which the program will derive a public key, called a miniLock ID, and a private key, which is never been seen by the user and gets vanished when the program get closed. Both generated keys are same every time the user enters the passphrase.
“No logins, and no private keys to manage. Both are eliminated. That’s what’s special. Users can have their identity for sending and receiving files on any computer that has miniLock installed, without needing to have an account like a web service does, and without needing to manage key files like PGP.” Nadim Kobeissi
Because miniLock uses an elliptic curve cryptography MiniLock IDs are 44 characters long. This small size of keys makes the sharing possible through different communication channels such as a Twitter post or even a phone SMS message.
This trick of generating the same keys again and again in every session, makes the application usable on any computer without getting worry about the safety of storing the sensitive private key. Additionally, the automatic generation and management of the public and private keys are exactly what makes the miniLock program easy to use even by an average user who always looks for a simple as well as secure solution to protect their information when sending it over the web.
miniLock is a small, portable file encryption software. The idea behind its design is that passphrase memorized by the user, along with their email address, can act as a complete, portable basis for a persistent public key identity and provide a full substitute for other key pair models, such as having the key pair stored on disk media (the PGP approach).
Advancements in elliptic curve cryptography, specifically in systems such as
curve25519, allow us to generate key pairs where the lengths of both public and private keys are relatively very small. This means that public keys become far easier to share (miniLock public keys, called miniLock IDs, fit inside less than half a tweet). This also means that a human-memorizable passphrase of adequate entropy can be used as the basis for deriving a private key.
When first opened, miniLock asks the user for their email address and a passphrase which it then uses to derive the user’s private and public keys. Via this model, the user can establish their key pair on any computer that has miniLock installed using only this passphrase, without having to manage key files or identities and so on. Thanks to the small key sizes present in
curve25519, we are guaranteed small, easily tweetable public keys and private keys that can be derived from passphrases. miniLock also contains checks to ensure the passphrases entered by the user are of sufficient entropy. miniLock will refuse weak passphrases completely and instead suggest stronger passphrases for use by the user.
miniLock then allows the user to encrypt files to other miniLock users via their miniLock IDs and decrypt files sent to them. miniLock’s encryption format supports encrypting a single file to multiple recipients with a negligible increase in file size. Another feature is that analyzing a miniLock-encrypted file does not yield the miniLock IDs or identities of the sender or the recipient(s). Upon decryption, a legitimate recipient will be able to know and verify the identity of the sender, but will still be unable to determine the identity of other potential recipients.
miniLock file encryption provides both confidentiality and integrity. miniLock uses the TweetNaCL cryptography library, ported to JavaScript, entirely due to its focus on simplicity, auditability and small size. Similarly, miniLock is designed to be as simple, portable, auditable and usable as possible. miniLock also uses scrypt for “memory-hard” key derivation.
Post a Comment