Software Questions

I have tried to anticipate all of your software questions.
If you have any further questions then do not hesitate in contacting me.

Who is the encryption software for?
Anyone who wants to prevent unauthorised access to their digital content.
The possession or use of "Strong Encryption" is restricted in some countries.
You should confirm that AES-128 / 192 / 256 is legal in your jurisdiction BEFORE downloading it.

What are the best practices when using encryption software?
  • Make sure you always have a working backup of you files before attempting to encrypt them
  • Always decrypt a newly encrypted file and compare it with the original
  • Always use AES Metal with authenticated encryption, GCM. Or just use AES Protect
  • Always keep your passphrase safe. Without it your data is gone forever
  • Always keep the IV, Key and mode of operation safe, as without them your data is gone forever.
    This is NOT saved with the output file. It is down to the user to keep hold of this information
  • Encrypting multiple files with the same passphrase or IV and Key is not advisable

I have forgotten / lost my passphrase, Key, IV or mode of operation, how do I recover the plaintext?
Unfortunately your files are gone forever, and no amount of wishful thinking or money will get them back.
You maybe able to brute force, but that would take beyond the end of the universe to complete*
*Unless an insecure passphrase or IV and Key was used.
Do yourself a favour, always keep a backup of the original unencrypted file.

Which modes use PKCS7 padding? (AES Metal)
The encrypted output from CBC, ECB, CFB(128) and PCBC will be rounded up to the next multiple of 16 bytes.
When decrypting these modes, if the input is not a multiple of 16 bytes, an error will be displayed.
If invalid padding is detected, decryption will continue without displaying an error.
CTR and OFB do not require padding, so the encrypted output length will match the plaintext.
The output length from encrypting using GCM will be the input length + a 16 byte authentication tag.

Virus / Malware scanners flag the software as a threat
I became disillusioned after uploading hundreds of versions of my software to VirusTotal and Metadefender, trying to discover the source
of the false positives. Virus scanners really do hate hand-coded assembly.

Desktop versions of the antivirus software that were failing online didn't help either, as I couldn't get them to false positive locally.
To quote VirusTotal:-
"Some of the solutions included in VirusTotal are parametrized (in coherence with the developer company's desire) with a different heuristic/agressiveness level than the official end-user default configuration."

To analyze what the software is actually doing, I encourage you to load any of the executables in to x32dbg, and step through every instruction.

There is a "Publisher could not be verified message", when the software is run
Remove the tick from the "Always ask before opening this file". Or click Run.

Is the Advanced Encryption Standard Instruction Set used?
Yes, hardware acceleration (AES-NI) is automatically used if these instructions are available.
Also, in AES Metal you can select either AES-NI or software routines.

Is there support for multi-core CPUs?
Simultaneous encryption or decryption of multiple blocks is not supported.
You could run multiple instances of each program. Although, disk IO will be a bottleneck.

How fast is the encryption / decryption?
Test setup:
Intel Xeon E5-2630 V3
2 x 1 TB WD1003FZEX hard disks

AES Metal, 256 bit key, CTR
  • 2 GB file. AES-NI = 9 seconds. Software = 19 seconds
  • 8 GB file. AES-NI = 60 seconds. Software = 130 seconds

AES-NI is approximately twice the speed of the software routines. The speed does not scale linearly with increasing file size.
The hard disk stops bursting at around 3.5 GB of input, for the remainder of the file it slows down to its sustained speed.
When the hard disk is "sustained", the CPU usage drops to around 60% utilisation.
So, if you are encrypting multi gigabyte files with a fast CPU, you will also need a very fast hard disk (maybe a solid-state drive or RAM disk).

There is a long delay before encryption or decryption starts (AES Protect)
The passphrase needs to be converted in to a "key", the method of conversion is PBKDF2 SHA-256 with 524288 rounds.
Depending on the speed of the CPU, this process can take some time to compete, and is irrespective of input file length.

Is there support for message authentication?
Yes, through the use of Galois Counter Mode (GCM).
AES Protect, GCM is the only mode it uses.
AES Metal / AES Command, GCM must be selected.

Can a file encrypted with AES Protect or AES Metal be decrypted with AES Command?
Yes, and vice versa.

See the next question.

Passphrase considerations
It should be noted there are reserved characters which cannot be used at the command line, such as & | < > ^ and others.
Also, it may be possible that some characters are not available in different languages or other keyboard layouts.
So take this in to account when choosing a passphrase for AES Protect, or if decrypting with AES Command is required.
You should always perform a decryption and compare with the original file.

Can the encrypted output be verified against the NIST Test Vectors?
AES Metal is straightforward to verify.
Encrypted blocks are saved exactly as defined by the mode of operation and PKCS7 padding.
Except in Galois Counter Mode. The 16 byte authentication tag is prefixed to the output file, with the encrypted data to EOF.

AES Protect is tricky to independently verify.
To generate the key, you need your passphrase and the salt from the file header, and give them to another implementation of PBKDF2.
The counter and GCM authentication tag are also stored in the header.

When a file is encrypted with the same passphrase on different occasions, why is the output different? (AES Protect)
It is recommended to not use the same "Salt" more than once with the same key, so a new random Salt is generated each time.
Therefore, the encrypted output will be different. Don't worry, decryption will work as usual.

Will there be support processing an entire directory of files?
Using AES Command in a batch file, you could loop over each file individually.
Encrypting multiple files with the same passphrase or IV and Key is not advisable.

Where does ASCII Pass Gen store the passwords?
ASCII Pass Gen is not a password manager, it only generates them. Nothing is saved when it closes.
You copy the password to the Windows clipboard, and then paste it somewhere safe for later use.

Does any of the software "phone home"?
No. There will be no network activity at all.

Is the software portable?
Yes. None of the software on this site needs to be installed, just run it. Nothing is written to the disk or registry.
Unfortunately, Windows stores the names of programs run in a registry key called UserAssist.
You will have to do your own research on how to disable it.

The saved file has disappeared?
Check the directory C:\Users\{username}\AppData\Local\VirtualStore
Unfortunately, Windows likes to use a directory called VirtualStore. It puts files in there instead of where you actually want them.
You will have to do your own research on how to disable it.

Why doesn't a correctly decrypted file open when double-clicked? / What are the extra characters at the end of the filename?
It's the file extension (.exe, .ini, .jpg, .doc)
Unfortunately, by default Windows hides file extensions from the user. However, the AES software will always display them.
It is critical the decrypted file has its original extension. If it doesn't, Windows will not know how to open it when double-clicked in Explorer.
The filename is not stored with the encrypted file, so when choosing a filename I suggest using its full original name and add .aes to the end.
When decrypting, remove just the .aes
Eg. photos.jpg would become photos.jpg.aes

Will there be a versions for Linux / Mac / BSD?
No, this software is written in assembly language specifically for Windows operating systems.
Assembly is not as portable as a high level language such as C++, so it can't just be recompiled.
Also the Windows API is used extensively for the GUI components.

Is there Unicode support?