FAQ & Hints
Should I send messages using the text frame or first save it as a file and then use the file frame?
It depends, because both have their pros and cons.
Long messages, that is, hundreds of lines, or more, should always be sent as files. (Power Crypto is designed for handling large files efficiently and small texts in a way that suits most email programs, but this has the side effect that large texts are processed quite slowly.) For example, open Notepad, or a word processor both you and your receivers of your message are familiar with. Enter your message and save it on disk. Locate the file with the left Browse button and encrypt the file. The encrypted file may now be delivered, for example, as an attached file to an email.
Short messages, that is, at the maximum of a couple of hundred lines, can be handled in either way. Using the text alternative, the encrypted message can be selected, copied, and pasted into an email, without bothering about any files. Furthermore, the receivers may find it safer to get the encrypted text directly in the email, without having to open any attached files (for fear of viruses). On the other hand, the receivers have to select every single encrypted character and nothing else of the email, before they copy and paste it into Power Crypto for decryption, otherwise the decryption will fail. See also items 3 and 4 in the next question.
Finally, never mix texts and files. For example, if you encrypt a text, DO NOT copy the encrypted text into, say, Notepad, save it on disk and then decrypt the file, or vice versa. Encryption/decryption of texts and files are done differently, so mixing these two ways will definitely fail.
After decrypting a text, or file, it still looks encrypted, although different. How come?
Check carefully that you are using the very same key for encryption as for decryption. The keys are case sensitive, that is, small and capital characters are treated differently. Note also that it is the key, not the nickname, that is important.
There are several options available that affect the process. If any changes are done from these default settings at the time of encryption, the very same changes have to be done before the decryption starts. Always use the default settings if you have no good reason for using something else. Note that when starting Power Crypto, a warning message instead of a welcome message, is displayed in the status bar if any option is set to a non-default value.
The next two points do only apply for text messages, not for files:
When decrypting a text, the whole encrypted text and nothing but this text, have to be selected and copied into the "Encrypted Text" frame. If this is not done, the decryption will fail. It is normally not possible to decrypt a part of an encrypted text.
Some email programs add, change or remove special characters in the text, sometimes resulting in a wrong encrypted text, and occasionally, in a wrong decrypted plain text. Power Crypto solves most of these problems internally, but depending of email programs used and any special characters in the text, the decrypted plain text might be unreadable (still looking like encrypted text). This might be solved by reducing the set of encrypted.
What about zipping encrypted files?
To mix encryption and zipping of files is perfectly okey, BUT: zip the plain file first and then encrypt the zipped file, not the other way around. This means also that decryption comes before unzipping.
Zipping means taking advantage of regularities in the file, and the fact that not all types of bytes normally are used in a file. This, however, is not the case for any well encrypted file, so zipping an already encrypted file by Power Crypto, will do no good. Actually, it will normally increase the size slightly. In fact, zipping before encrypting will enhance the security, so there is no security reason for not zipping.
How to deliver keys to others?
Because Power Crypto
is a symmetric crypto
, the same key is used for both encryption and decryption. Therefore, you cannot go public with your keys, hoping no one can decrypt data that others have encrypted with your keys. However, Power Crypto
is one of the very few powerful symmetric cryptos that can be used to safely distribute the keys. To do so, follow the instructions here
If you think you can distribute your keys without following the instructions referred to above, please have a look at the next paragraphs. They might give you a few hints.
Let's say Bob and Alice would like to send encrypted data between them. Alice starts with inventing their common secret key (see below for detailed information about security levels). She creates the key "I Love You", with nickname "Dear Bob". Now, how to send this key to Bob? E-mailing "our secret key when using Power Crypto is: 'I Love You,'" would of course not be a good solution, because this e-mail might be read by Eve, the computer administrator at Bob's office. If Eve got hold of this key, she will later be able to read encrypted e-mails between Bob and Alice. Therefore, this first initial key should be delivered in another way. Maybe Alice can phone Bob and tell him the key. Writing it down on a piece of paper and pass him, or send it by ordinary post (so called snail mail), are another alternatives. Save it on a floppy disk and pass him would perhaps be the best way.
Alternatively, Bob knows that they both read the same newspaper every morning. Therefore, he suggests that they use the first sentence on page 17 in tomorrows newspaper, without having to explicitly deliver this key to Alice. Finally, she finds out about the Key Generator in Power Crypto, uses this and delivers her newly created, very strong key, in an e-mail, encrypted by the previous key. From this on, there love affair was totally secret (until they were seen together, kissing each others).
How should I choose my keys so that they are safe?
What "enemies" do you have, that is, how professional are those that might be interested in your information? Are they ordinary people with very limited or no knowledge at all about encryption, or are you trying to protect yourself from KGB, CIA, or other highly professional organizations with immense supply of qualified people, super computers and special developed codebreaking programs? The answer to this is of course important. Let's classify keys into different levels.
Using your own name, or any name of someone, or something, in your surrounding, including pets, vehicles, cities, and so, is about the lowest level you can get. Anyone who knows you, might guess these names. Never, ever, use such simple keys.
Any normal word or name in your language that has no special relation to you, is the next level. Such keys are hard to guess, even for people knowing you. Therefore, these kind of keys might do for the protection against "unqualified enemies". However, anyone having access to an electronic dictionary and a program that goes through each word and tests it as the key in Power Crypto on encrypted data from you, may find out your key quite easy. With special developed programs for this, your secret key is found in less than a second. Compare these first two levels with the standard key with nickname Bad Example.
Using more than one word, and perhaps using some other language, will make even a systematic search quite hard. The number of words is of course important. The more words, the harder it is to find the key. A full sentence, perhaps taken from a book or a newspaper, may be a candidate. Compare with the standard key with nickname Good Example. Note also that a key of random words, which doesn't make any sense when reading them, is harder to find out than a grammatically perfect sentence, which has to follow a lot of grammar rules. Finally, keys are case sensitive; therefore, mixing small and capital letters in a random fashion, is a good idea. The key "We went to Spain last summer" is better off as "wE wENt tO sPAin lAsT suMmER". These types of keys will probably suffice for most applications.
Because keys don't have to be memorized or entered more than once, there is actually no reason for using real words. Nonsense arrays of characters, like those you get when the cat walks over the keyboard, is far better. With these sorts of keys, even your "professional enemies" start to get it tough. Of course, the more characters, the better.
Have you noticed that encrypted text includes many characters that you don't find on your keyboard? What about using some encrypted text as the new key? This idea is implemented in the Key Generator, which is a tool available for creating new keys and modifying existing ones. Here, you move your mouse so that the cursor moves over a certain area in the program during a period of time. All movements, and the system time, are then used to create a text and a key. The text is encrypted with this key and the result is presented as the new key. In the Key Generator, you may specify how long the key should be. With this tool, and using very long keys, you have access to keys that may offer even the most professional key breaker a lot of headache. Have a look at the key with nickname A Gorgeous One, which is created with this tool.
Can anyone get hold of my keys?
Your keys are stored in your computer in a database called Window's Registry. Other users of this computer may get hold of your keys. Therefore, to prevent anyone from using/stealing your keys, you may protect your nicknames and keys with a password. Read more about this here