Ceci est une ancienne révision du document !
Website: http://www.finalcrypt.org
From the website: “Today's cyber espionage comes from hidden spyware waiting for you to unlock your drive. Disk Encryption no longer protects! Even when you're logged on, unopened files have to remain encrypted. Only File Encryption stops spyware reading your files. Also, most crypto software uses broken AES or asymmetric crypto soon broken by The Shor's Algorithm with Quantum Computers. This cyber espionage pandemic has to be stopped by unbreakable One-Time Pad File Encryption. That is why ‘FinalCrypt’ was built.”
Finalcrypt is, by all accounts, something amazing. It follows the Unix philosophy of doing one thing and doing it well. The main problem of cryptography is getting your “key” from one person to another, without it being intercepted. Hence our current shared key cryptography. What if you do not need to give the key to anyone? Now this becomes a real secret. (A secret is something only you know). One-time pad, (https://en.wikipedia.org/wiki/One-time_pad ) is what you are looking for, and this is what Finalcrypt is all about. Finalcrypt is the brain-child of Rob de Jong, who is also the programmer and project maintainer.
Continuing our series of interviews with open source heroes, in this issue we would like to introduce you to the brilliant creator behind Finalcrypt, Ron de Jong. I asked Ron for an interview and he very kindly accepted to answer my questions.
Q: Ron, thank you very much for your time. First, can you tell us something about yourself? How old are you? Where do you live? What do you do for a living? Where did you study?
A: In September, I’ll be celebrating my 50th birthday; living in Zaandijk (close to Amsterdam) in The Netherlands. At 13, I started programming (Atari 600XL) and became fascinated and obsessed with programming, but dropped out of school at 15 when my father suddenly passed away. Later, I picked up and finished Telematics & LAN Management education, and started working for 15 years as a UNIX Systems & Software Engineer for international Telecom, Internet & IT companies. A period of intense work and training, combining programming and systems engineering, allowing me to start contracting from 2006. After 2008, things went downhill, and, in 2012, I ended my paid career realizing I could no longer function without severe stress in bright light, noisy, social and commercial environments, and in 2013 I was diagnosed with (severe) Autism (Asperger), and decided to retreat in rest-contributing society from home (in an autism friendly way) – developing Free OpenSource (Human Rights) Software.
Q: Encryption is a very complicated subject, when and how did you become interested in it?
A: Throughout my career, encryption always played a part, but more as something you’d use to hide and protect confidential information – assuming that encryption algorithms were as secure as the authorities claimed. Over the years, more and more signals came out that crypto algorithms weren’t as secure as claimed, and vulnerabilities were deliberately exploited to expand espionage on civilians. Cyber security news became jaw dropping during the past decade. Thanks to people like Edward Snowden, Julian Assange, and established news-media, we now know we can’t trust national security agencies to respect privacy. I finally came to realize that One-Time Pad Encryption is the only truly unbreakable encryption. A straightforward algorithm that can’t be reversed or brute-forced – its encryption comes from only irreversible random bit patterns.
Q: Would you care to share some insights into what goes into coding something like finalcrypt?
A: Being a crypto-sceptic, I didn’t want to rely on any cryptographic library, so I decided to build encryption from the ground up – starting at the bit level. Some years back, my initial idea was to XOR (toggle) data-bits with correlating personal key-bits coming from personal images or videos, because even the fastest cluster of supercomputers can’t brute-force (render all bit combinations) until it matches a picture (or video) of me and my cat. So FinalCrypt started out without a key generator, and using existing pictures or videos as keys. Then I got into discussion online with crypto experts who claimed that FinalCrypt actually was One-Time Pad Encryption, but broke OTP rules and could therefore not be 100% unbreakable. Then, in version 2.6.0, I built-in a FIPS140-2 & RFC1750 compliant True Random Number Generator to generate OTP keys allowing manual OTP encryption, and, in version 5.0.0, I added Automatic Key generation, which allowed FinalCrypt to (batch) encrypt all files with One-Time Pad security by default.
Q: Finalcrypt obviously was created in response to something? Care to share?
A: After my autism diagnosis I tried to understand my social limitation in an attempt to understand what social behaviour really is, but couldn’t find objective answers (not even from academic sociologists) so I started to philosophize about social behavior and how evolution evolved social behavior to increase our chances of survival, and concluded that group hunting behavior is about hunting competences of stealth behavioral observation, covert communication, cooperation, cunningly planning deception and attack, overthrowing opponents and enemies. This primal instinct that we humans still have and evolve – keeping us on top of the food chain. Unfortunately, we humans also use these competences against each other to dominate and exploit. Mostly for economic reasons. From that moment on, all pieces of the puzzle fitted together and I was determined to design and build unbreakable encryption from the ground up – not trusting any ClosedSource linked encryption libraries in widely accepted encryption standards.
Q: I see you opted for the creative Commons license; was this always your goal?
A: Starting off, I chose GPL3, but soon after I realised that GPL3 allowed anyone to build-in backdoors, and publicly release it, so I changed to Creative Commons License not allowing anyone releasing derivative works. Changes for personal use are allowed.
Q: Do you have any metrics on how many people use this software?
A: Yes, the website currently counts 1917 different users (unique ip addresses). This number grows with 5 - 50 users / day, counting from 2019-04-01. This can be measured because FinalCrypt (at start-up) automatically checks for updates once every 24 hours.
Q: Can one use finalcrypt within an encrypted volume like LUKS or a Veracrypt volume?
A: Yes. FinalCrypt (like most applications) has no notion of any underlying disk encryption, and just creates files and writes file-data to the underlying physical (or logical presented) file-system. Just tested FinalCrypt on LUKS successfully (with different file-systems).
Q: What difference does the underlying file system make when you have to code encryption software?
A: Mainly file-system meta-data attributes like what timestamps does the file-system support, cloning modification timestamps from source to target file, and what file-system permissions are valid or invalid as data source and data target, and whether directory & file links should be ignored preventing double-directory looping and therefore double encryption attempts.
Q: Since the software is free, how can someone support you or say thank you?
A: I appreciate every “thank you”, but FinalCrypt really depends on publicity as I don’t have the financial means to advertise, so users can really thank me by sharing online.
FinalCrypt is also a political statement telling “Big Brother” that we demand privacy.
Outtro
We have dropped some of the more technical questions about Finalcrypt, but if you would like more, drop us an email on misc@fullcirclemagazine.org.
Finalcrypt seems to be an answer to the current work being done by government agencies on elliptical curve encryption, ‘coz, let’s face it, the threat to privacy is internal these days too. (Like when the GCHQ hacked Belgain telecoms). Cryptography is almost the only thing that protects your digital privacy, and, if you care, you should encrypt everything. If you want to keep your data truly safe, you need OTP and thus Finalcrypt. Ron has put in tremendous effort to make your world a safer place. Not all heroes wear capes.