Download Krencrypt - users.miamioh.edu

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts
no text concepts found
Transcript
Krencrypt
An Open Source Approach to Password Security
Kyle Rogers
4/5/2012
This document describes both the desktop version and mobile version of Krencrypt Password
Manager in detail. Descriptions of how the software was developed, how it works, and the level of
security for generated passwords. In addition, the source code and future additions to the software
are included. The paper is written for audiences with some understanding of programming, but
with little to no understanding of computer security.
Pa ge |1
CONTENTS
1. Overview ....................................................................................................................................................................................... 2
1.1 Brief History ......................................................................................................................................................................... 2
1.2 Features ................................................................................................................................................................................. 2
1.3 How to Use It ....................................................................................................................................................................... 3
2. Mobile Application.................................................................................................................................................................... 5
3. Behind the Scenes ..................................................................................................................................................................... 6
3.1 Entropy: How Much More Secure is it? ................................................................................................................... 6
3.2 The Algorithm: How It Works ..................................................................................................................................... 7
4. Drawbacks ................................................................................................................................................................................. 10
4.1 Desktop Version .............................................................................................................................................................. 10
4.2 Android OS Version ....................................................................................................................................................... 11
4.3 Improvements for Version 2.0 ................................................................................................................................. 11
5. Source Code............................................................................................................................................................................... 12
5.1 Encryption Package ....................................................................................................................................................... 12
5.2 Desktop Version .............................................................................................................................................................. 14
5.3 Android Version .............................................................................................................................................................. 20
Works Cited.................................................................................................................................................................................... 25
Pa ge |2
1. OVERVIEW
Krencrypt Password Manager is a useful way to store passwords in the most secure way
possible: by not actually storing them. By this, it is meant that Krencrypt does not store passwords;
rather, it generates them, in a predictable, consistent manner. There is nothing random about how
Krencrypt generates passwords; it uses a mathematical algorithm to generate the password using
several pieces of information related to the use of the password. An advantage of using this
application is that it generates a seemingly random string of twelve letters and numbers to be used
for passwords that will be secure against brute for brute force attacks.
The algorithm used to generate the passwords takes three inputs. The combination of these
three inputs should be unique to each individual, so only they can generate their password. All
three inputs are arrays of ASCII characters of any size. The algorithm itself will work regardless of
what the three inputs actually represent, however, it is recommended to the user that the first input
be the username that will be associated with the password, the second be the name of the service
that the account is being used for, and the third input is a unique key known only to the user. The
original desktop version of this software uses a key file that the user has stored on their computer.
Any file type can be used for the key, but it is required that the file be something that will not
change. This is because any changes to the file, including size or content, will alter the resulting
password. In order to ensure the static state of the file and preservation of the passwords, it is
recommended that the file be something that is not editable, or something that the user would have
no desire to edit. An example of this would be a picture from a family vacation, a music file, or a
randomly generated file using the feature described in Section 1.2 Features. Text files or program
files are not recommended as they can change often and without the user’s notice.
1.1 BRIEF HISTORY
Krencrypt Password Manager was developed in 2012 by Miami University undergraduate student
student Kyle Rogers during a semester break in his sophomore year. The application began as an
experiment with encryption algorithms during which he created a basic algorithm that was named
“Kyle Rogers’ Encryption” which was shortened to Krencrypt. This algorithm will be explained in
more detail in 3.2 The Algorithm: How It Works. The algorithm began to turn into a password
manager as a way of testing the application and a GUI was put together to make it more usable.
Soon after the desktop version was created, development on an Android OS version began. The
mobile version is discussed in detail in Section
Pa ge |3
2. Mobile Application.
1.2 FEATURES
Krencrypt has several features that can assist the user with generating secure, random
passwords. It is written in the Java programming language so it can work on any operating system
that can run the Java Virtual Machine, which today, is nearly every desktop OS. The application uses
the Javax graphical user interface library, and uses a text field for the output password, allowing the
user to simply copy and paste the password straight from the GUI. In addition, there is a file
browser included that allows the user to search for the key file that they would like to use.
As explained above, the algorithm takes three inputs, one of which is a key file, which can be
any file stored on the computer. The desktop version of Krencrypt comes with a random file
generator that will overwrite a currently existing file with a random string of bits. When the user
generates the file, a prompt appears to specify the number of bytes that the file should be, the larger
the number the better, however, larger files also take longer to generate. It is typically
recommended that the file be at least 10,000 bytes, or 9.7 kilobytes.
1.3 HOW TO USE IT
An advantage of Krencrypt is its ease of use. Being developed in Java allows the same
executable to be run on any operating system that supports the Java Virtual Machine, which
includes Windows, Mac OS, and Linux. The program is an executable JAR file, which allows it to be
run without installation, so it just needs to be downloaded and is ready to use.
Pa ge |4
Once the program is downloaded, double click the JAR file to start. At this point, a window
similar to Figure 1Figure 1 should appear. From here, the user should either choose a key or
generate their own and store it somewhere safe. Keys can be generated and chosen using the
“System” menu tab shown in Figure 2. It is important to note that in the current version of
Krencrypt (Version 1.0), the key file cannot be created; only the contents can be generated. So it is
important that the key file already exist before being used with the “Generate and Use New Key…”
option. For trial purposes, a default key is provided, however this not recommended as the same
default key is present in every download of Krencrypt, and so others would be able to generate the
same password easily. In addition, it is not guaranteed that future versions of Krencrypt will
include the same default key.
After a key is chosen, the user should then complete the text fields and click generate. The result
should be similar to what is depicted in Figure 3. This password will be generated exactly the same
every time that the program is run using the same set of inputs.
FIGURE 1: KRENCRYPT BEING RUN ON WINDOWS 7 WITH AERO ENABLED
FIGURE 2: THE SYSTEM MENU FOR GENERATING AND USING KEY FILES
Pa ge |5
FIGURE 3: A SAMPLE PASSWORD GENERATED USING THE DEFAULT KEY
Pa ge |6
2. MOBILE APPLICATION
This section deals with the mobile version of Krencrypt. Differences between the desktop
and mobile versions will be emphasized and a short guide to using the app will be included.
Krencrypt Password Manager also has a mobile version available for the Android Operating
System. This app was built on Version 2.3.3 of Android and will work with all subsequent versions.
It is likely that it will work on earlier versions of Android as well, however, this is untested.
In general, the mobile version is identical to the desktop version. However, rather than
taking a key file, the mobile version has another text field for a “Master Password”. The master
password serves as a single password that can be used to retrieve any other password. In the
algorithm discussed in Section 3.2 The Algorithm: How It Works, the password acts identically to
the key. In fact, the user can store the master password in a text file and use it as a key for the
desktop version and generate the same passwords. The future of the use of a master password is
discussed more in Section 4.2 Android OS Version.
The mobile version’s graphical user interface has a minimalist design. It uses three text
fields and has a button labeled “Generate” similar to the desktop version. Some of the features that
are not present in the mobile version are inability to use key files, no ability to generate key files,
cannot copy and paste the generated password. Some of these are results difficulty with Android
OS and others were due to lacking the need.
Using the mobile app is very easy. Go to the apps menu and select “Krencrypt Password
Manager”. From here, fill in the three text fields, “Username”, “Service Name”, and “Master
Password”, and click “Generate Password” and the generated password will appear below.
FIGURE 4: SCREENSHOT OF MOBILE VERSION
Pa ge |7
3. BEHIND THE SCENES
In this section, how the application works will be described in more detail. Key information
about password security and how it applies to Krencrypt will be discussed in Section 3.1 Entropy:
How Much More Secure is it? Then, the algorithm used by Krencrypt Password Manager will be
explained in Section 3.2 The Algorithm: How It Works.
3.1 ENTROPY: HOW MUCH MORE SECURE IS IT?
A common way to measure the strength of a password is to describe it in terms of entropy.
On a basic level, entropy represents how many attempts it will take before the password is
discovered and, by extension, how secure the password. Generating a random password is
obviously more secure than a user generated password, however, entropy gives a good way of
actually giving a measurement of how secure. Entropy is measured in bits, where for each
additional bit of entropy, the number of attempts to break the password doubles. For example, a
password with 20 bits of entropy would take two times as many attempts as a password of 19 bits,
and 1024 more attempts than a password with 10 bits of entropy.
Measuring the entropy of user generated passwords can be difficult. The Computer
Security Division of the National Institute of Standards and Technology gives a detailed explanation
of how to get an estimate of the entropy of user generated (Polk, Burr and Dodson). Each character
in the password adds a certain amount of bits of entropy depending on the position within the
string and the variance of characters can add additional bits. The value for each character is
described in Table 1. As an example, the password “password” would theoretically have 18 bits of
entropy because it is a fairly short password without much variance in characters. To add bits of
entropy, if the password is modified so that there is a capital letter and a symbol included, such as
“Password4”, it would gain an additional six bits of entropy for a total of 24 bits. It is important to
note that this is simply an example of how the mathematics of entropy measurement works. In
reality, a password such as “password” or even “Password4” would be guess within seconds due to
it being a dictionary word with an appended number, which most password-cracking software will
test for. In addition, “password” is a common password and would most likely be one of the first
attempts.
Character
1
2-8
9-20
21+
Use of
Capitals/Symbols
Bits of Entropy
4
2
1.5
1
6 (one time)
TABLE 1: MEASURE OF ENTROPY FOR
USER GENERATED PASSWORDS
In comparison to user generated passwords, a random string of the ASCII characters that
appear on a standard USA keyboard have about 6.6 bits of entropy per character, according to NIST
(Polk, Burr and Dodson). Using this method of measurement, the password generated in Figure 3
(y#S@c8byb7B4) would have roughly 79 bits of entropy. To put this number in perspective, a
Pa ge |8
website that is devoted to cracking encryption, distributed.net, estimates that a password with 72
bits of entropy would take approximately 124.8 years (RC5-72 / Overall Project Stats ). This
password has 7 more bits of entropy than what was estimated by distributed.net, so it is reasonable
to approximate that this password would take 31,824 years to crack using modern digital
computing technology.1
3.2 THE ALGORITHM: HOW IT WORKS
This section deals with the explanation of how the password generation works. In order to
fully explain the algorithm, this section will use a combination of pseudocode as well as English.
The password generation algorithm takes three input strings. Technically, these strings can be of
anything, but for the purposes of being able to generating the password again, it is recommended
that the first string be the username, the second be the service name, and the third be the key. In
the pseudocode, the username will be represented by “user”, the service name will be represented
by “domain”, and the key will be represented by “key”. Each of these is a string of characters, which
are essentially arrays of characters. When being referred to in the plain English sections, variables
will be italicized.
An important feature of Java, as well as most other programming languages, is its ability to
treat characters as integers. Each character is a byte, or series of eight bits, which allows up to
different characters. Each number represents a different character. The first 128
characters and their corresponding decimal values can be seen in Figure 1. Each of characters can
be operated upon as if they were the corresponding decimal value. Using Figure 5, the following
character arithmetic would hold true:
.
One important condition for this approximation to be accurate is for the password to be randomly
generated. It is important to note that Krencrypt does not necessarily generate random passwords.
Using a key that was randomly generated would give a pseudorandom password, which is
effectively random in terms of entropy, however, if the user uses a key that is not randomly
generated, the above approximation will not necessarily hold true.
1
It is also important to note that any encryption or password can be broken given enough time.
Computer security relies on the fact that it would take too long to decipher the encryption to be
worth it. However, this will not be the case if quantum computers are created.
Read more about quantum computing: http://en.wikipedia.org/wiki/Quantum_computing
Pa ge |9
FIGURE 5: STANDARD ASCII TAB LE, WITH 128 CHARACTERS
SOURCE: (ASCII TABLE)
The top level function that is called by the program is named “genPass” and takes the three
parameters described above. Two strings are created within the function: ret and data. Ret (short
for return) is the final password that is given to the user. Data is a combination of user and domain;
it alternately takes one letter from each string. If user = “USERNAME” and domain = “domain”, then
data = “UdSoEmRaNiAnME”. This string is what is encrypted using the Krencrypt encryption
algorithm.
Before sending data through Krencrypt, however, a seed must be provided for where to
start within key. For this, the function “genSeed” is used. The function uses factors such as the size
of key, length of user, and length of domain. Using the character arithmetic described above, the
sum of all of the characters in user using the equation
. A similar method is used on
domain, however, rather than a summation, each term is multiplied. The equation used on domain
is
. These two terms are added together, then a bitwise or is
performed with the length of key. Finally, this term is modded by the length of key in order to
ensure that the seed remains within the bounds of key. The full equation used to calculate seed is:
P a g e | 10
Now that the key has been generated, all of the input for the “encrypt” function has been
completed. Within this function is essentially a Caesar Cipher, with some minor alterations. A
traditional Caesar Cipher shifts each character a certain amount, so a string such as “hello world”
with a key of five would become “mjqqt%|twqi”. However, this algorithm alternately adds or
subtracts the character at the current position in key. This method makes the encryption much
more secure because only the original key can be used to decipher the encrypted string. If the key
is randomly generated, it should be impossible to recreate the password without the original key
file.
The result from “encrypt” is a great encrypted version of the original input, data. However,
there are still issues with using it for a password. Results from “encrypt” may result in strings that
include symbols that cannot be typed on a standard keyboard, and will most likely not be accepted
as a password on many services. Some of the characters that may appear as a result of this
encryption can be seen in Figure 5 above. In order to avoid this, the string is run through a final
algorithm that ensures that every character can be typed by the user, and will be acceptable as a
password. This algorithm shifts characters around to fall within specific ranges that are acceptable.
P a g e | 11
4. DRAWBACKS
This section will discuss the various drawbacks associated with using this software. It will
explain bugs that are present in the software, as well as security risks that are inherent in using
password manager software such as Krencrypt.
One major drawback of the software, both desktop and mobile, is that some services require
certain types of characters. Everyone has encountered a website which specified that at least one
character be capital and one character be non-alphabetic.2 While unlikely, it is conceivable that the
algorithm generates a password that does not meet requirements. There are two fixes for this
issue.
One possible fix for this issue is to have a checklist of required characters that the domain
requires and the algorithm takes these requirements into consideration before returning the result.
The problem with using this method is consistency. Krencrypt is useful because it returns the same
password every time for the same set of inputs. However, if a checklist of requirements was also
included, the user would have to ensure that the same requirements are input every time they want
to retrieve the password. This is impractical as the user would need to remember the password
requirements for each service that they use.
A more practical option is to take the most common requirements for passwords and
always include them in the password. This fix would ensure that the user would not have to
remember the requirements to check off for each service. A drawback of this solution is that it
could make all passwords less secure.3
4.1 DESKTOP VERSION
While an advantage of Krencrypt is that it is written in Java, as it allows the same file to be
run on any major operating system, this is also a drawback for future releases. Java is known for
being fairly slow compared to other programming languages. This is due to the inefficiencies of its
memory management, as well as needing to be run through a virtual machine, which essentially
makes it a program within a program. In order to make it more efficient and be able to handle
larger keys and return larger, more secure passwords effectively, the program should be rewritten
The idea behind this practice is that it makes the password more secure. However, this does the opposite.
At first glance using Table 1 on page 6, this should add six bits of entropy; however, because using a capital
letter and symbol is a requirement of the password, this table’s information is no longer accurate.
Computer security relies on the time required to perform a brute force attack. The term “brute force” refers
to attempting every possible value until the correct result is found. On a typical password of twelve
characters that allows any of the 95 characters on the USA keyboard there are
2
possibilities. On the other hand, if there is a requirement for at least one capital letter and at least one
non-alphabetic symbol there are
possibilities. By forcing the user to
abide by these requirements they reduce the number of possible passwords, and therefore the password’s
security, by a factor of a million.
3 Always using a capital letter and a symbol is different than if the service requires them. If a service has
password requirements, then a hacker can write their algorithm based on the fact this fact. However, if the
individual has their own personal requirements for their passwords, then the hacker cannot make any
assumptions for their algorithm. Thus, the passwords generated by Krencrypt are only less secure if the
hacker knows that they were generated by Krencrypt.
P a g e | 12
in C or C++. In order to balance speed and maintainability, future versions should be a combination
of C, C++, and Assembly. Some of the encryption protocols could be implemented in Assembly,
while others would be easier to write in C. In addition, the command line interface would most
likely be written in C. The graphical user interface would likely be written in C++.
4.2 ANDROID OS VERSION
The mobile version of Krencrypt has one major drawback that prevents it from being as
useful as it could be. The mobile version of Krencrypt needs to be able to read in a key file. Without
this feature, users o the desktop version will not be able to use the mobile version without changing
their key file to being a simple password stored in a text file.
4.3 IMPROVEMENTS FOR VERSION 2.0
Many improvements need to be made for the next update of Krencrypt. Several bugs need
to be fixed and important features need to be added.
Known issues in the desktop version 1.0:




When using the “Generate and Use New Key File” from the “System” menu, the program will
fail when prompted to create a new file. It requires the file to already exist.
If an empty file is used for the key, the program will not generate a password and will not
inform the user that the file is invalid.
When generating a new key, the program allows negative numbers to be used for the size of
the key file; however, this simply creates an empty file, which results in the above bug.
There is no command line option for the program. When run from the command line, the
program should take parameters, which should have one ‘-h’ that displays help text, and
another ‘-c’ that should allow the program to be run completely from command line. When
run from command line, there should be additional parameters to allow the username,
domain, and key to be specified prior to running the program.
Known issues with the mobile version 1.0:


It will occasionally crash for unknown reasons.
Does not allow for files to be used for the key. The user should be able to store the key file
on an SD card and read the file from the app.
P a g e | 13
5. SOURCE CODE
This section contains all of the source code for Krencrypt, both the desktop and mobile
versions. Section 5.1 Encryption Package contains the source code for the encryption algorithms
that are used by both versions. Because both the desktop and mobile versions are written in Java,
the encryption package was copied exactly from the desktop version to the mobile version’s source
code. Because it is an exact copy, these files will not be included multiple times; instead they will
simply be referred to within Section 5.2 Desktop Version and Section 5.3 Android Version.
5.1 ENCRYPTION PACKAGE
The encryption package is the same for both the desktop and mobile versions of Krencrypt.
This package contains all of the mathematical encryption information. The files are explained in
more detail in Section 3.2 The Algorithm: How It Works.
package krencrypt.encryption;
public final class Krencrypt {
protected static final String encrypt(String key, String data, int
seed) {
String ret = "";
key = key.substring(seed);
boolean even_pos = true;
for (int i = 0 ; i < data.length() ; i++) {
char n_char = ' ';
int key_length = key.length();
int n_key = key.charAt(i % key_length);
int n_data = data.charAt(i);
if (even_pos)
n_char = (char) ( (n_data + n_key) % 0xFFFFFFFF );
else
n_char = (char) ( (n_data - n_key) % 0xFFFFFFFF );
even_pos = !even_pos;
ret += n_char;
}
return ret;
}
protected static final String decrypt(String key, String data, int
seed) {
String ret = "";
key = key.substring(seed);
boolean even_pos = true;
for (int i = 0 ; i < data.length() ; i++) {
char n_char = ' ';
int key_length = key.length();
int n_key = key.charAt(i % key_length);
int n_data = data.charAt(i);
if (even_pos)
n_char = (char) ( (n_data - n_key) % 0xFFFFFFFF );
else
P a g e | 14
n_char = (char) ( (n_data + n_key) % 0xFFFFFFFF );
even_pos = !even_pos;
ret += n_char;
}
return ret;
}
}
package krencrypt.encryption;
public final class PasswordGenerator {
public static final int MIN_PASSWORD_LENGTH = 8;
public static final int MAX_PASSWORD_LENGTH = 12;
public static final String genPass(String user, String domain, String
{
String ret = "";
String encrypted;
String data = "";
int user_length = user.length();
int dom_length = domain.length();
int key_length = key.length() % Integer.MAX_VALUE;
int seed = genSeed(user, domain, key_length);
for (int i = 0 ; i < (user_length + dom_length) ; i++)
{
data += (i % 2 == 0) ? user.charAt(i % user_length) :
domain.charAt(i % dom_length);
}
encrypted = Krencrypt.encrypt(key, data, seed);
ret = makeTypeable(encrypted);
return ret;
}
key)
private static final int genSeed(String user, String domain, int
key_length) {
int seed = 0;
for (int i = 0 ; i < user.length() ; i++) {
seed = (seed + (int) user.charAt(i)) % key_length;
}
for (int i = 0 ; i < domain.length() ; i++)
{
if ((int) domain.charAt(i) != 0)
seed = (seed * (int) domain.charAt(i)) % key_length;
seed = (seed + (int) domain.charAt(i));
}
seed |= key_length;
seed %= key_length;
if (seed < 0)
{
System.err.println("Error in generating seed : Value too
low");
seed = 0;
}
return seed;
}
private static final String makeTypeable(String mess) {
P a g e | 15
int ascii_offset = 35;
if ( mess.length() < MIN_PASSWORD_LENGTH)
mess += mess;
if ( mess.length() > MAX_PASSWORD_LENGTH)
mess = mess.substring(0, MAX_PASSWORD_LENGTH);
String ret = "";
for (int i = 0 ; i < mess.length() ; i++) {
int c = (int) mess.charAt(i);
c = (c % ('z'-ascii_offset)) + ascii_offset;
if (c == '"')
c = '!';
if (c > '&' && c < '0')
c += '0' - '&';
if (c > '9' && c < '@')
c += '@' - '9';
if (c > 'Z' && c < 'a')
c += 'a' - 'Z';
ret += (char) c;
}
return ret;
}
}
package krencrypt.encryption;
import java.util.Random;
public class KeyGen {
public static String generateNewKey(int size)
String ret = "";
Random rnd = new Random();
for (int i = 0 ; i < size ; i++)
{
int x = rnd.nextInt(128);
ret += (char) x;
}
return ret;
}
{
}
5.2 DESKTOP VERSION
The desktop version includes all of the files described in Section 5.1 Encryption Package and
has additional files that govern the graphical user interface.
package krencrypt.ui;
import java.io.*;
public class KeyManagement {
/**
* Fetch the entire contents of a text file, and return it in a String.
P a g e | 16
* This style of implementation does not throw Exceptions to the
caller.
*
* @param aFile is a file which already exists and can be read.
*/
static public String getContents(File aFile) {
//...checks on aFile are elided
StringBuilder contents = new StringBuilder();
try {
//use buffering, reading one line at a time
//FileReader always assumes default encoding is OK!
BufferedReader input = new BufferedReader(new
FileReader(aFile));
try {
String line = null; //not declared within while loop
/*
* readLine is a bit quirky :
* it returns the content of a line MINUS the
newline.
* it returns null only for the END of the stream.
* it returns an empty String if two newlines appear
in a row.
*/
while (( line = input.readLine()) != null){
contents.append(line);
contents.append(System.getProperty("line.separator"));
}
}
finally {
input.close();
}
}
catch (IOException ex){
ex.printStackTrace();
}
return contents.toString();
}
/**
* Change the contents of text file in its entirety, overwriting any
* existing text.
*
* This style of implementation throws all exceptions to the caller.
*
* @param aFile is an existing file which can be written to.
* @throws IllegalArgumentException if param does not comply.
* @throws FileNotFoundException if the file does not exist.
* @throws IOException if problem encountered during write.
*/
static public void setContents(File aFile, String aContents)
throws FileNotFoundException, IOException {
if (aFile == null) {
throw new IllegalArgumentException("File should not be
null.");
P a g e | 17
}
if (!aFile.exists()) {
throw new FileNotFoundException ("File does not exist: " +
aFile);
}
if (!aFile.isFile()) {
throw new IllegalArgumentException("Should not be a
directory: " + aFile);
}
if (!aFile.canWrite()) {
throw new IllegalArgumentException("File cannot be written:
" + aFile);
}
//use buffering
Writer output = new BufferedWriter(new FileWriter(aFile));
try {
//FileWriter always assumes default encoding is OK!
output.write( aContents );
}
finally {
output.close();
}
}
}
package krencrypt.ui;
import javax.swing.*;
import
import
import
import
java.awt.Dimension;
java.awt.event.ActionEvent;
java.awt.event.ActionListener;
java.io.File;
import krencrypt.encryption.KeyGen;
public class AppFrame extends JFrame {
public static final long serialVersionUID = 1;
private String key, key_loc;
private MainPanel pane;
public AppFrame(String name) {
super(name);
key_loc = "default - NOT Recommended";
key = "This is the default key and is NOT recommended to use";
pane = new MainPanel(key, key_loc);
add(pane);
addMenuBar();
setPreferredSize(new Dimension(400, 200));
setResizable(false);
}
private void addMenuBar()
{
JMenuBar menu = new JMenuBar();
P a g e | 18
menu.add(createSystemMenu());
setJMenuBar(menu);
}
private JMenu createSystemMenu()
{
JMenu sys = new JMenu("System");
sys.add(createKeyGenItem());
sys.add(createOpenKeyItem());
sys.add(createExitMenuItem());
return sys;
}
private JMenuItem createKeyGenItem()
{
JMenuItem keygen = new JMenuItem("Generate and Use New Key...");
class ItemActionListener implements ActionListener
{
public void actionPerformed(ActionEvent e)
{
String key;
String sizeStr = JOptionPane.showInputDialog(
"Input an integer (Recommended: At least
10000)");
if (sizeStr != null)
{
try{
int size = Integer.parseInt(sizeStr);
key = KeyGen.generateNewKey(size);
JFileChooser f = new JFileChooser();
int ret = f.showSaveDialog(null);
if(ret == JFileChooser.APPROVE_OPTION)
{
key_loc =
f.getSelectedFile().getAbsolutePath();
File key_file = new File(key_loc);
KeyManagement.setContents(key_file,
key);
pane.resetKey(key, key_loc);
}
}catch(Exception excep) {
JOptionPane.showMessageDialog(null,
"Cannot Use Selected File", "Error",
JOptionPane.WARNING_MESSAGE,
null);
}
}
}
}
ItemActionListener listener = new ItemActionListener();
keygen.addActionListener(listener);
return keygen;
}
private JMenuItem createOpenKeyItem()
{
JMenuItem keygen = new JMenuItem("Use Key...");
class ItemActionListener implements ActionListener
{
public void actionPerformed(ActionEvent e)
{
try{
JFileChooser f = new JFileChooser();
P a g e | 19
int ret = f.showSaveDialog(null);
if(ret == JFileChooser.APPROVE_OPTION)
{
key_loc =
f.getSelectedFile().getAbsolutePath();
File key_file = new File(key_loc);
key =
KeyManagement.getContents(key_file);
pane.resetKey(key, key_loc);
}
}catch(Exception excep) {
//
excep.printStackTrace();
System.out.println("THIS SHOULD APPEAR");
JOptionPane.showMessageDialog(null, "Cannot Use
Selected File", "Error",
JOptionPane.WARNING_MESSAGE, null);
}
}
}
ItemActionListener listener = new ItemActionListener();
keygen.addActionListener(listener);
return keygen;
}
private JMenuItem createExitMenuItem()
{
JMenuItem item = new JMenuItem("Exit");
class MenuItemListener implements ActionListener
public void actionPerformed(ActionEvent event)
System.exit(0);
}
}
MenuItemListener listener = new MenuItemListener();
item.addActionListener(listener);
return item;
}
{
{
}
package krencrypt.ui;
import javax.swing.*;
import java.awt.event.*;
import java.awt.*;
import krencrypt.encryption.PasswordGenerator;
public class MainPanel extends JPanel {
public static final long serialVersionUID = 1;
private ButtonActionListener listener;
private JTextField user, domain, key_loc, password;
private JLabel user_label, dom_label, key_loc_label, pass_label;
private JButton generate;
private String key, key_location;
public MainPanel(String new_key, String location_of_key)
{
P a g e | 20
key = new_key;
key_location = location_of_key;
setLayout(new GridLayout(5,1));
declareComponents();
addComponents();
}
private void declareComponents()
{
listener = new ButtonActionListener();
user = new JTextField();
domain = new JTextField();
key_loc = new JTextField();
key_loc.setText(key_location);
key_loc.setEditable(false);
password = new JTextField();
password.setEditable(false);
generate = new JButton("Generate!");
generate.addActionListener(listener);
user_label = new JLabel(" Enter Username: ");
dom_label = new JLabel(" Enter Service Name: ");
key_loc_label = new JLabel(" Key Location: ");
pass_label = new JLabel(" Password: ");
}
private void addComponents()
add (user_label);
add (user);
add (dom_label);
add (domain);
add (key_loc_label);
add (key_loc);
add (pass_label);
add (password);
add (generate);
}
{
public void resetKey(String new_key, String new_key_loc)
key = new_key;
key_loc.setText(new_key_loc);
}
{
private class ButtonActionListener implements ActionListener
{
public void actionPerformed(ActionEvent event) {
try{
String username = user.getText();
String dom = domain.getText();
String pwd = PasswordGenerator.genPass(username, dom,
key);
password.setText(pwd);
}catch(Exception e)
{
e.printStackTrace();
}
}
}
}
import javax.imageio.ImageIO;
P a g e | 21
import javax.swing.*;
import java.awt.image.*;
import krencrypt.ui.AppFrame;
public class PasswordManager {
private static BufferedImage icon;
public static void main(String[] args)
{
AppFrame frame = new AppFrame("Krencrypt Password Manager");
frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
frame.pack();
// Attempts to use an icon
try {
icon = ImageIO.read(frame.getClass().getResource(
"/icon.png"));
frame.setIconImage(icon);
}
catch (Exception e) {
System.err.println("Cannot locate icon.png" +
"\nProceeding without icon");
}
frame.setVisible(true);
}
}
5.3 ANDROID VERSION
The mobile version includes all of the files described in Section 5.1 Encryption Package as
well as files that govern the interface with Android OS and XML documents that manage the layout
of the application.
package krencrypt.droid;
import
import
import
import
import
import
import
android.app.Activity;
android.os.Bundle;
android.view.View;
android.widget.Button;
android.widget.EditText;
android.widget.TextView;
krencrypt.encryption.PasswordGenerator;
public class Main extends Activity {
protected
protected
protected
protected
protected
TextView
TextView
EditText
EditText
EditText
res;
genPass;
userId;
servId;
passId;
/** Called when the activity is first created. */
P a g e | 22
@Override
public void onCreate(Bundle savedInstanceState) {
res = new TextView(this);
genPass = new TextView(this);
userId = new EditText(this);
servId = new EditText(this);
passId = new EditText(this);
final Button gen = (Button)
findViewById(R.id.gen_password_button);
super.onCreate(savedInstanceState);
setContentView(R.layout.main);
gen.setOnClickListener(new View.OnClickListener() {
public void onClick(View v) {
res = (TextView) findViewById(R.id.ret_pass);
genPass = (TextView) findViewById(R.id.genPassField);
userId = (EditText) findViewById(R.id.editText1);
servId = (EditText) findViewById(R.id.editText2);
passId = (EditText) findViewById(R.id.editText3);
String user = userId.getText().toString();
String domain = servId.getText().toString();
String key = passId.getText().toString();
// Generates the password for the input combination
String result = PasswordGenerator.genPass(user,
domain, key);
genPass.setText("Password:");
res.setText(result);
}
}
);
}
}
/* AUTO-GENERATED FILE. DO NOT MODIFY.
*
* This class was automatically generated by the
* aapt tool from the resource data it found. It
* should not be modified by hand.
*/
package krencrypt.droid;
public final class R {
public static final class attr {
}
public static final class drawable {
public static final int ic_launcher=0x7f020000;
}
public static final class id {
public static final int editText1=0x7f050001;
public static final int editText2=0x7f050003;
public static final int editText3=0x7f050005;
P a g e | 23
public
public
public
public
public
public
static
static
static
static
static
static
final
final
final
final
final
final
int
int
int
int
int
int
genPassField=0x7f050007;
gen_password_button=0x7f050006;
password_prompt=0x7f050004;
ret_pass=0x7f050008;
servicename_prompt=0x7f050002;
username_prompt=0x7f050000;
}
public static final class layout {
public static final int main=0x7f030000;
}
public static final class string {
public static final int app_name=0x7f040000;
public static final int genPassStr=0x7f040009;
public static final int gen_pass_button=0x7f040004;
public static final int password=0x7f040007;
public static final int passwordStr=0x7f040003;
public static final int ret_pass=0x7f040008;
public static final int serviceNameStr=0x7f040001;
public static final int servicename=0x7f040006;
public static final int username=0x7f040005;
public static final int usernameStr=0x7f040002;
}
}
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="krencrypt.droid"
android:versionCode="1"
android:versionName="1.0" >
<uses-sdk android:minSdkVersion="10" />
<application
android:icon="@drawable/ic_launcher"
android:label="@string/app_name" android:debuggable="true">
<activity
android:name=".Main"
android:label="@string/app_name" >
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application>
</manifest>
<?xml version="1.0" encoding="utf-8"?>
<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
android:layout_width="fill_parent"
android:layout_height="fill_parent"
android:orientation="vertical" >
<TextView
android:id="@+id/username_prompt"
android:layout_width="wrap_content"
P a g e | 24
android:layout_height="wrap_content"
android:text="@string/usernameStr"
android:textAppearance="?android:attr/textAppearanceLarge" />
<EditText
android:id="@+id/editText1"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:text="@string/username" />
<TextView
android:id="@+id/servicename_prompt"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:text="@string/serviceNameStr"
android:textAppearance="?android:attr/textAppearanceLarge" />
<EditText
android:id="@+id/editText2"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:text="@string/servicename" />
<TextView
android:id="@+id/password_prompt"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:text="@string/passwordStr"
android:textAppearance="?android:attr/textAppearanceLarge" />
<EditText
android:id="@+id/editText3"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:inputType="textPassword"
android:text="@string/password" />
<Button
android:id="@+id/gen_password_button"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:text="@string/gen_pass_button" />
P a g e | 25
<TextView
android:id="@+id/genPassField"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:text="@string/genPassStr"
android:textAppearance="?android:attr/textAppearanceLarge" />
<TextView
android:id="@+id/ret_pass"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:text="@string/ret_pass"
android:textAppearance="?android:attr/textAppearanceLarge" />
</LinearLayout>
P a g e | 26
WORKS CITED
"ASCII Table." 2010. Ascii Table. 5 March 2012. <http://www.asciitable.com/index/asciifull.gif>.
Polk, W. Timothy, William E. Burr and Donna F. Dodson. "Electronic Authentication Guideline."
April 2006. National Institute of Standards and Technology. 5 March 2012.
<http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf>.
"RC5-72 / Overall Project Stats ." 4 March 2012. distributed.net. 5 March 2012. <
http://stats.distributed.net/projects.php?project_id=8>.