In the final year of my Computer Science degree we had to create a project – one thought up, designed, and implemented completely off our own backs. Having always been an advocate of ‘privacy as a right’, I decided to create a public-key encryption system for beginners, written in Java. This was iCrypt.There are many people who believe that encryption systems available to the public are a bad thing and usually cite the common retort of “If you aren’t doing anything wrong, what do you have to hide?” to those who use it. Bruce Schneier sums up his thoughts well with the following:
“[Clever replies to this retort are] “If I’m not doing anything wrong, then you have no cause to watch me.” “Because the government gets to define what’s wrong, and they keep changing the definition.” “Because you might do something wrong with my information.” My problem with quips like these – as right as they are – is that they accept the premise that privacy is about hiding a wrong. It’s not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.”
I’ve always said that not using encryption is like writing a postcard every time you send a piece of mail – it’s OK for a lot of items but would you send a love letter on one? How about private medical data or your bank details? Encryption is a method that’s available to everyone and allows them to exercise their inherent right to freedom and privacy. Besides, outlawing encryption is no method of weeding out those undertaking illegal activities. If someone is breaking the law, what will it mean to them to break another law to protect themselves from further (and worse) prosecution? A criminal or terrorist is going to use encryption whether it is illegal to or not.
If privacy is outlawed, only outlaws will have privacy. – Phil Zimmermann
iCrypt was designed to be a lightweight beginners tool – an entry-level program to encryption that worked at a relatively high speed while still allowing an adequate level of security. As you can see below, the main screen is uncluttered in order to not confuse any users.
The iCrypt source code and program is distributed under the GNU General Public License. You can download the GPL here. The GPL is also included with each download.
Please be wary of your country’s laws regarding cryptography programs capable of strong encryption (like iCrypt). This program is illegal to own and use in Russia and many other countries. You can, and will, be prosecuted. In some countries, downloading this program is treated as importing munitions. PLEASE, check your country’s policy on this before downloading.
iCrypt is capable of producing up to 4096-bit keys. This strength of encryption is sufficient for government classified information and way beyond the reasonable use for an individual – it is available mainly for the curious. A 1024-bit key is also more than sufficient for personal users as it is only breakable using theoretical hardware. What key size to use depends on what strength of security one is looking for. A 256-bit key can be broken in a few hours on a personal computer, whereas a 512-bit key would take hundreds of computers months to crack. For this reason, I recommend using a 512-bit key with iCrypt – it offers the best performance-security ratio. If anyone feels the need for stronger encryption than this, then they would not be using such a program and would instead be opting for a professional encryption solution.
Generation of 512-bit Key: 0.3s/key
Encryption Times Using Various Sized Plaintext Files:
|Plaintext File Size (Kb)||Encryption Time (s)|
Decryption Times Using Various Sized Plaintext Files:
|Resultant Plaintext File Size (Kb)||Encryption Time (s)|
Ciphertext File Size After Encryption:
|Plaintext File Size (Kb)||Resultant Ciphertext File Size (Kb)|
For the full statistics set and various graphs you can download the results spreadsheet from here.