Technical security specifications

Cryptographic algorithms used in Xidie
By default Xidie uses the Rijndael encryption algorithm, also known as AES (see the
description below). Xidie implements AES at its longest (strongest) key length,
currently 256 bits. The implementation is compliant with the FIPS 197 recommendation.
All interfaces and modules where the encryption algorithm isn't specified use AES with
a 256-bit key. On the advanced interface the user can change the encryption algorithm
by choosing from this list:
Classic encryption algorithms implemented:
- AES (Rijndael)
- DES
- Triple DES
- RC2
Proprietary encryption algorithms:
- DX257
- DX1023
- DX8191
- DX100000
AES (Advanced Encryption Standard)
AES is a cryptographic algorithm that was approved by the US National Institute of
Science and Technology (NIST) as a replacement for the Data Encryption Standard (DES),
which had been approved for the encryption of financial information since the late
1970s. NIST held a public competition for a replacement, and a number of algorithms
were proposed. One entrant, Rijndael (now known as AES), was selected above the others
and has been recommended as suitable for protecting computer information.
Remember that Xidie encrypts not only file data but also other sensitive archive
areas: file names, sizes, attributes, comments and other blocks. Without a password it
is impossible to view even the list of files in an archive encrypted in this mode. And
remember that if you lose your password, you will be unable to retrieve the encrypted
files; not even the Xidie author is able to extract them.

Public key encryption algorithm
For secure communication Xidie implements MDX, an original public key algorithm
developed by the author (not published yet). This is a new solution that takes the PKI
concepts a stage further. It enables even the smallest enterprise or community to get
into the PKI space without the supplementary costs that are associated with public key
technologies. You can generate, operate and manage public and system keys without
special knowledge and without any additional costs, and you don't need to purchase a
key pair from a publicly recognized authority.
Hash algorithms
As its hash algorithm (also known as digest algorithm) Xidie uses SHA512 by default,
but it also implements four other digest algorithms (SHA384, SHA256, SHA1 and MD5) that
you can choose from on the advanced interface.
Steganography algorithms
There are three different techniques you can use to hide information in a cover file,
and Xidie uses all of them in different carrier types (for more details read the "Xidie
algorithms, technique and carrier files" section).
1. Injection (or insertion). Using this technique, you store the data you want to hide
in sections of a file that are ignored by the processing application. By doing this you
avoid modifying those file bits that are relevant to an end user, leaving the cover
file perfectly usable.
2. Substitution. Using this approach, you replace the least significant bits of
information that determine the meaningful content of the original file with new data in
a way that causes the least amount of distortion. The main advantage of this technique
is that the cover file size does not change after the execution of the algorithm. Among
the substitution techniques, a very popular methodology is the LSB (Least Significant
Bit) algorithm, which replaces the least significant bit in some bytes of the cover
file to hide a sequence of bytes containing the hidden data.
3. Generation. Unlike injection and substitution, this technique doesn't require an
existing cover file; it generates a cover file for the sole purpose of hiding the
message.
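The LSB substitution described in item 2, as an added example that is not Xidie's code:
it embeds into a raw byte buffer, shows that size is preserved, and computes the
pairs-of-values chi-square statistic a detector can use to notice the flattened
histogram. The cover bytes, payload and function names are constructed for illustration.

```python
# Added example, not Xidie's code: LSB substitution on a raw byte buffer,
# plus the pairs-of-values chi-square statistic a detector can compute.
import random
from collections import Counter

def lsb_embed(cover: bytes, payload: bytes) -> bytes:
    """Store payload bits (MSB first) in the LSB of successive cover bytes."""
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(cover):
        raise ValueError("payload does not fit in cover")
    out = bytearray(cover)
    for pos, bit in enumerate(bits):
        out[pos] = (out[pos] & 0xFE) | bit   # each byte changes by at most 1
    return bytes(out)

def lsb_extract(stego: bytes, n_bytes: int) -> bytes:
    """Rebuild n_bytes of payload from the LSBs of the first 8*n_bytes bytes."""
    out = bytearray()
    for i in range(n_bytes):
        value = 0
        for b in stego[8 * i: 8 * i + 8]:
            value = (value << 1) | (b & 1)
        out.append(value)
    return bytes(out)

def pair_chi2(data: bytes) -> float:
    """Chi-square distance of each (2k, 2k+1) value pair from a 50/50 split.
    Random LSBs equalise each pair, so a value near zero suggests embedding."""
    hist = Counter(data)
    total = 0.0
    for even in range(0, 256, 2):
        n0, n1 = hist[even], hist[even + 1]
        if n0 + n1:
            total += (n0 - n1) ** 2 / (2 * (n0 + n1))
    return total

def demo():
    rng = random.Random(2024)  # constructed data, fixed seed
    # Constructed cover: skewed sample values, standing in for a natural histogram.
    cover = bytes(rng.choice([100, 100, 100, 101, 120, 121, 121, 121])
                  for _ in range(4096))
    payload = bytes(rng.getrandbits(8) for _ in range(512))  # stands in for ciphertext
    return cover, payload, lsb_embed(cover, payload)

if __name__ == "__main__":
    cover, payload, stego = demo()
    print(len(cover) == len(stego), lsb_extract(stego, 512) == payload)
    print(round(pair_chi2(cover), 1), round(pair_chi2(stego), 1))
```

The statistic is large for the untouched cover and collapses toward zero once every LSB carries encrypted payload, which is why file size alone is not a useful check for this technique.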
Steganography: supported carrier files
- Image carriers. There are two modes you can choose from to hide information in image
carriers: stretched and un-stretched images. For image carrier files Xidie uses the
substitution method with the LSB technique. Supported image formats: Bitmap (.bmp),
JPEG, GIF, PNG. Also: images captured from the screen and images captured from a
web-cam.
- Tiff documents. Xidie offers three methods to hide data in Tiff documents: directly
in a tiff document, in a new tiff document using a frame extracted from a tiff document
(stretched or un-stretched image).
- Sound carriers. There are two sound formats that you can use as a carrier file in
Xidie: Wave sounds and MP3 sounds. Xidie can also use a directly recorded wave file as
a sound carrier file.
- Microsoft Office carriers. With Xidie, users can select any Office document as a
carrier file: Microsoft Word documents; Microsoft Excel workbooks; Microsoft Access
databases; Microsoft Power Point presentations.
- Other documents. Supported formats are: text files (.txt); rich text format documents
(.rtf); HTML documents (.htm, .html); PDF (.pdf); dictionary in tab-delimited text
format (.txt); dictionary format (.lex); subtitle files in .srt and .sub format.
- Alternate data streams (ADS): attach to a folder or attach to a file.
- Attach method. By using the attach method Xidie can transform any file on your system
into a carrier file regardless of file extension or format. Two methods are available:
attach to a single file or attach to multiple files.
- Cookies. There are several ways in Xidie to hide information using cookies.
Auto-create and save cookies allows the user to generate cookies from a document.
Another way is scripts that will create cookies on site visitors: Xidie allows the user
to create new scripts (PHP, ASP or ASPX) or to inject code that creates cookies into
existing scripts (PHP, ASP or ASPX).
- Video movies. New movies created by recording screen activity.
- Other carriers. This section contains three new, unique methods to hide data in three
unusual carriers: Microsoft Management Console files (.msc); Registry keys; Event log
file.
Delete methods
There are four major delete methods for destroying your data. By default Xidie uses the
DoD method, but the user can choose any of the other methods:
- Delete Only. Files will only be deleted, not overwritten. Because the original
contents of deleted files remain un-erased on the hard disk for an uncertain time, this
method is not recommended.
- Simple. Files will be overwritten once with static random data.
- DoD Method. The original data will be deleted by overwriting it according to the
NTSC-TG-025 regulations (Version 2, Sep 1991). This is the recommended delete method.
- SFS Method. This method overwrites the data 35 times with special patterns,
destroying all information on magnetic storage.