Tuesday, 2 July 2013

PCSecrets

PCSecrets is a PC application that holds information that you want to keep secret - protected by a master password and strong encryption.

The program is designed to be a PC counterpart of the Secrets for Android app. It uses the same data structure and provides a synchronization mechanism that allows easy transfer of secrets between the two. For those who find the PC environment more comfortable for data entry and editing (i.e. keyboard/mouse/screen), PCSecrets provides an alternative environment for managing your secrets. Synchronization is also effectively a form of backup.

Encryption

PCSecrets uses 256-bit AES encryption, which is the strongest commercially available encryption scheme. In addition, it employs bcrypt, which implements key stretching with an adaptive key setup phase.

The purpose of the bcrypt algorithm is to introduce artificial but complex processing that takes a calculated amount of time into the key hashing processes. This introduces a finite delay into the setup of the encryption and decryption ciphers that will be used. In PCSecrets, this setup phase is configured to take 1 second (as measured on the current computer) which is not really perceptible. However, the consequence of this delay is that any attempts to break the encryption by guessing the password are considerably slowed down, since each password guess is forced to go through the same processing to create a decryption key.

This makes it highly resistant to dictionary attack.

(See "key stretching" and "bcrypt" on Wikipedia for more information.)
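The calibration idea described above, as an added example that is not PCSecrets code: it picks the smallest work factor whose key derivation reaches a target time on the current machine, then shows that testing a password guess costs one full derivation. PBKDF2-HMAC-SHA256 from the Python standard library stands in for bcrypt here, and all function names and the cost range are assumptions.

```python
import hashlib
import hmac
import os
import time

def derive_key(password: str, salt: bytes, cost: int) -> bytes:
    """Stretch a password into a 256-bit key; each cost step doubles the work."""
    # PBKDF2-HMAC-SHA256 is a stand-in for bcrypt (not in the standard library).
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               2 ** cost, dklen=32)

def time_derivation(cost: int) -> float:
    """Seconds one key derivation takes on this machine at the given cost."""
    start = time.perf_counter()
    derive_key("calibration-only", os.urandom(16), cost)
    return time.perf_counter() - start

def calibrate_cost(target_seconds: float, measure=time_derivation,
                   min_cost: int = 10, max_cost: int = 26) -> int:
    """Smallest cost whose measured derivation time reaches the target."""
    for cost in range(min_cost, max_cost + 1):
        if measure(cost) >= target_seconds:
            return cost
    return max_cost

def check_guess(guess: str, salt: bytes, cost: int, expected_key: bytes) -> bool:
    """A guess can only be tested by paying for a full derivation."""
    return hmac.compare_digest(derive_key(guess, salt, cost), expected_key)

if __name__ == "__main__":
    cost = calibrate_cost(1.0)  # the 1-second target described above
    salt = os.urandom(16)       # constructed sample salt and passwords
    key = derive_key("correct horse", salt, cost)
    start = time.perf_counter()
    accepted = check_guess("wrong guess", salt, cost, key)
    elapsed = time.perf_counter() - start
    print(f"cost={cost} accepted={accepted} seconds_per_guess={elapsed:.2f}")
```

The calibrated cost and the salt have to be stored alongside the encrypted data so the same key can be derived again later.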

Features

Features of PCSecrets are:
  • the same strong encryption used by Secrets for Android
  • a form of cryptographic plausible deniability, whereby a hidden second set of secrets can exist that is protected by a different password
  • synchronization with multiple Secrets for Android devices i.e. phones, tablets
  • synchronization data is always fully encrypted
  • automatic backup on save
  • import and export of CSV data
  • written in Java, so can be executed on any system with a suitable Java Virtual Machine
An individual secret is a collection of text fields. These have names such as userid and password, and lend themselves to data used to access Internet sites, but this is only a suggestion and the fields can be used in any way you want. In particular, the note field is provided as a catch-all for holding any unstructured text. The exception is the first field, the description. This is used as the name of the secret, and must be unique.

Installation

Download the executable jar file from (email me for the moment) and place on the desktop or some other suitable location. There is no install process as such - just execute the program by using the Java executable already installed on your computer.

If the default open action for a .jar file on your computer is to open using the Java executable, then simply double-click on the jar file. Otherwise right-click on the .jar file and select the Java executable to open with.

If Java is not installed then you will have to do this first. You can use, for example, Sun Java or OpenJDK.

Getting Started

When first run the program will prompt for an initial password. Try not to use a simple password - a mixture of letters, numbers and special characters but no spaces (leading, trailing or embedded) - and don't forget it! Subsequent executions of the program will require the same password to be provided - if you can't then your secrets will not be accessible. The password can be reset by providing a new one, but all existing secrets will be lost. There is no way to recover a forgotten password.

Optional second set of secrets

You can initially provide two passwords i.e. separated by a space. In this case you actually create two sets of secrets, independently encrypted and independently accessible. When you subsequently start PCSecrets, you can provide either password to access the corresponding set of secrets.

The two sets of secrets are stored as a single chunk of binary data. Externally it is not detectable that two sets of secrets exist, so if someone were to force you to reveal the password(s) to your secrets, you could deny that a second set of secrets existed without anyone being able to prove otherwise. This is known as plausible deniability.

The Main Window

The main window shows a list of secrets on the left, and a form showing the details of the selected secret on the right. Beneath these is a row of buttons. The buttons below the list apply to your secrets as a whole; those below the form apply to the current secret or data in the form.

Creating a secret

To create a new secret, simply type your data into the form and click "Create". The description of the secret becomes its name, which is shown in the list on the left. (The term "description" is used to make it compatible with Secrets for Android - in data terms it is the key of the record.) The set of fields that make up a secret is the same as that used by Secrets for Android, and all values are optional apart from "description".

Create will be ignored if a secret with the same description already exists.

The "Clear" button is provided as a quick way to clear the form values before creating a new secret.

Updating a secret

Select the secret by clicking on its entry in the list. Make your changes and click "Update". If you change the description, you are now dealing with a different secret (because you've changed the key). If it doesn't exist, update will be ignored. You can copy a secret by selecting it, giving it a new description and clicking "Create".

If you modify a secret but forget to click "Update", the changes will not be saved.

Deleting a secret

Select the secret (or type its name in the description field) and click "Delete". If you attempt to delete a secret that does not exist, the request is ignored.

Saving

Click "Save all" to save changes to disk. If changes have been made and you exit the program without saving, you will be prompted to do so. If you do exit the program without saving, changes made since the last save will be lost.

Import and export

Secrets can be imported and exported in CSV format. This is a simple and commonly used data exchange format.

Import

Select File->Import.

Use the selection dialog to locate the .csv file to be imported and click "Open". The subsequent Import dialog provides for control over how fields in the imported file are mapped to Secrets fields.

The Columns section shows how many fields there are in the imported file (by analysis). It also shows the contents of the first record, to determine if a header record is present. If a header exists, and it provides field names that match the Secrets field names (Description, Id, PIN, Email, Notes) then a mapping between these matching fields will automatically be created. A Timestamp field can also be provided to give a record a last updated time.

If no header exists, the fields are identified by position, #1, #2, etc. The mapping of fields is sequential.

To change any mapping, click the Input field name in the Mapping section and select, from the dropdown, the correct field.

When the mapping is correct, click "Import".

Export

Select File->Export.

Choose a location for the exported file, provide a file name and click "Export".

Synchronizing with Secrets for Android

(This feature is currently undergoing testing and is not yet available with the current version of Secrets for Android. It will also require an additional app, the PCSecrets sync agent, to be installed on the Android device alongside Secrets for Android.)

To synchronize your secrets, click the PCSecrets "Sync" button and the program will wait for a mobile device to connect.

Secrets are sent to and from the device only in encrypted format, and the same password for encryption and decryption must be used at each end. This does not have to be the same as the one used in either PCSecrets or Secrets for Android. By default PCSecrets will expect the device to use the PCSecrets password. Alternatively, a preference can be set so that a different password can be provided when "Sync" is clicked. Either way, the password to be used has to be configured in Secrets for Android so that both ends of the exchange use the same password.

The program will automatically try to make the secrets in each location the same. In doing this, it follows these rules. A secret that:
  • exists only in one location is created in the other
  • has been updated in one location is copied to the other *
  • has been deleted in one location is deleted from the other *
* provided that the secret in the other location has not itself been modified since the last sync operation. If it has been, a conflict exists which the program cannot resolve automatically, and you will have to indicate what you want it to do. The program will open the sync window so you can do this.
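The sync rules above, worked through as an added example that is not PCSecrets code. The data model is an assumption: each location maps a description to a record with a last-updated timestamp, `known` is the set of descriptions both locations held after the previous sync, and `last_sync` is when that sync happened.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Secret:                 # hypothetical record, not PCSecrets' own class
    fields: tuple             # field values, description first
    modified: float           # last-updated timestamp

def plan_sync(pc, device, known, last_sync):
    """Map each description to the action the sync rules give it."""
    plan = {}
    for name in sorted(set(pc) | set(device)):
        p, d = pc.get(name), device.get(name)
        p_new = p is not None and p.modified > last_sync
        d_new = d is not None and d.modified > last_sync
        if p is not None and d is not None:
            if p.fields == d.fields:
                action = "unchanged"
            elif p_new and not d_new:
                action = "copy to device"
            elif d_new and not p_new:
                action = "copy to PC"
            else:  # both changed, or timestamps cannot pick a winner
                action = "conflict: modified in both"
        elif name not in known:  # never synced: exists in one location only
            action = "create on device" if p is not None else "create on PC"
        elif p is not None:      # device copy deleted since the last sync
            action = "conflict: modified/deleted" if p_new else "delete from PC"
        else:                    # PC copy deleted since the last sync
            action = "conflict: modified/deleted" if d_new else "delete from device"
        plan[name] = action
    return plan

# Constructed sample data
LAST_SYNC = 1000.0
KNOWN = {"email", "forum", "router", "wifi"}
PC = {
    "email": Secret(("email", "alice", "new-pw"), 1100.0),
    "forum": Secret(("forum", "alice", "pc-edit"), 1200.0),
    "router": Secret(("router", "admin", "pw2"), 1300.0),
    "vpn": Secret(("vpn", "alice", "pw3"), 1400.0),
    "wifi": Secret(("wifi", "", "pw4"), 700.0),
}
DEVICE = {
    "email": Secret(("email", "alice", "old-pw"), 800.0),
    "forum": Secret(("forum", "alice", "device-edit"), 1250.0),
}

if __name__ == "__main__":
    for name, action in plan_sync(PC, DEVICE, KNOWN, LAST_SYNC).items():
        print(f"{name:8} {action}")
```

Without the `known` set, a secret deleted in one location would be indistinguishable from a secret newly created in the other.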

Normally the sync window will only be shown if a conflict exists that you have to resolve. If there are no conflicts the sync operation will complete automatically. Alternatively, you can set a preference so that the sync window is always shown even though there are no conflicts. You may want to do this so you can see exactly what is going on.

The Sync Window

The sync window shows the list of all secrets on the left, and two panels on the right which show the contents of the selected secret on the PC and on the mobile device. Items in the list are colour coded to show their status, and checkboxes can be used to show or hide the different categories.

By default only secrets that differ between platforms are shown, although all secrets can be shown by checking the "Show unchanged" checkbox.

Everything except conflicts is shown for information only and requires no action - if secrets differ, the program determines where the latest version is and automatically uses it to update the other location. Note that the content panels are normally read-only; only in the case of a conflict will you have the opportunity to modify the contents of a secret.

Conflicts are always shown and must be resolved before the sync operation can be completed. If you cancel the sync operation no changes are made.

Resolving conflicts

A conflict occurs if a secret has been modified on both the PC and device, or been changed on one and deleted from the other, since the last sync operation. In both cases, the user has to indicate how to proceed, as follows.

If modified in both locations

Select the conflicting secret in the list window. The contents of the secret on PC and device are shown in the corresponding forms. You should update the PC secret to reflect the correct secret contents, and click "Mark as merged". If the PC secret is already the correct version, just click "Mark as merged". If the device secret is already correct, then click "Copy to PC Secret" and then "Mark as merged".

When the sync completes, the PC secret will replace the device secret.

If modified in one location and deleted from the other

Select the conflicting secret in the list window. The PC and device panels will show in which location the secret has been deleted. Your choices are:
  • If the deletion is correct i.e. you want the secret also to be deleted from the location where it remains, click "Confirm deletion"
  • If the deletion is not correct i.e. you want the secret to be reinstated in the location from where it was deleted, click "Undelete". When the sync completes, the secret will be reinstated from the existing copy.

Sync timeout

By default the mobile device will only wait for two minutes for the sync operation to complete. This is so communication won't hang forever if sync was selected and PCSecrets is not active, or if there is some communication problem. You can change this value in the agent configuration in Secrets for Android.

If the operation does time out before it completes, no changes are made. The operation can simply be retried.

Sync with two sets of secrets

Secrets for Android does not support the idea of having more than one set of secrets. Sync simply operates with the set of secrets that is currently being accessed.

Preferences

Access via the File->Preferences... menu option. The Preferences window is divided into these sections:

Secrets
Allows you to specify the location of the PCSecrets directory.

Sync
Here you can change the port numbers used by the program. This would only normally be necessary if the ports are in use. Note that this requires a change to the Secrets for Android sync agent configuration so the same port is used.

Log Level
You can set the log level for diagnostic purposes. The log is created in the home directory and named java{n}.log.

By default the log level is set to warning. Be aware that with the log level set to a finer level (info or fine) diagnostic information may be written to the log that could be used to compromise the security of your secrets. So do not as a matter of course set the log level below warning, and if you do set a lower level for diagnostic purposes, make sure you reset the log level afterwards and securely delete the Java logs.


Backup
Backups can be automatically created whenever a save is performed. The number of backup files that are kept can be specified - when the number is reached, the oldest file is deleted when a new one is created.
