"Vapor-ware"....Alternative Keyfiles In SCD v1.21

Note; "Keyfiles", as used in Scramdicer are not the same thing as the "Keyfiles" that the new DriveCrypt package uses to restrict multiple users from entering a Master password in a corporate environment. Keyfiles here, refer to innocuous files that are data sources for a one-time-pad XOR operation; such as Scramdicers "Mask" function that disables, and subsequently restores, the password functions of an individual Scramdisk, DriveCrypt, or E4M virtual container. You still have to remember, and enter, your passwords in order to open a container that has been Masked by Scramdicer; and then restored to normal functions. The term "keyfile" will be freely interchanged with "passfile" to describe this process in Scramdicer.

Using SCD v1.21's "Mask" function and a "keyfile", or "passfile" to XOR (scramble) a DriveCrypt, E4M, or Scramdisk volume's keyblock in place leaves one with the nagging thought: "What if some search prog can FIND this little puppy in some exhaustive comparison run of all my media, and someone who stole my password then used it to de-Mask my container and open it?"

This is probably nothing to be concerned about unless a file was actually re-used on different containers. A file used as a data source for the "Mask" operation is, by definition, a contiguous object. It occupies separate cluster-space somewhere, sometime, on your hard-drive or removable media; and it's only practical to assume that if it CAN be found, then someone, somewhere, just might do that by testing each and every file on your system; however, there is a workaround, which allows for a rather Machiavellian example of an effective keyfile which has a very short half-life; and involves producing your own temporary "vapor-ware" keyfiles to use with SCD's "Mask". They are simple to produce with Edxor as the generator and destroyed after a single use....additionally, their deployment will substantially increase the security of one of these containers.

The idea here will be to use keyfile data for the Mask function that is not necessarily present as a definable file ANYWHERE...the keyfile will, instead, be a remembered LOCATION in a target...and locations are easier to keep private than a separate file; no matter how cunning the methods employed to hide stuff. Just like your password, a LOCATION will exist as a definable object only in your mind....except for the brief period when the nfo is used to produce, and use, a temporary file-object to feed into Scramdicer's "Mask" function; for instance. So, although this method can be used in similar applications, I'll describe it's use here with the idea in mind that the temporary "passfile", or "keyfile" will be used with the command-line version of Scramdicer, SCD.exe (...SCD v1.21...) for use with it's "Mask" feature; and then erased with a file-wiper.

Select a "read-only" file, such as something on a cd, that's over 1mb in size, at the least. This will be the "mother" file for our experiment, from which we'll generate a temporary keyfile.

Make sure that Edxor's "Recent" file list is disabled by default for these operations.

( File / Recent / Disable )

Drag this selected file into Edxor's open window from your cd; using Windows Explorer or another file manager.

In the left-hand part of Edxor's toolbar, there will be some numbers encased within brackets next to the file name. That number will be the entire size, in bytes, of the file in the window. You can simply divide it by some number to choose a specific area of the file to start from. Dragging Edxor's scroll bar down will also get you into different areas of the file. A temporary 15kb keyfile can be copied from anywhere within this "mother" file with a minimum of effort. Replicating it in the future will require a bit more planning....but it's still easy to do.

Choose "Edit / Set Selection" on Edxor's toolbar. When the box pops up, enter a number on the first line that will represent the location in the file of the specific byte at which you wish the selection to start.

This number should be carefully chosen; as you will have to remember it to restore a masked volume. We will use the number "10000" (...10,000 bytes = 9.76kb from the start of the file...) as the "start" of our selection for this example; even tho' it is rather close to the beginning of the file. Scramdicer will normally grab it's data for a Masking operation from the beginning of any file you choose as a keyfile by default, but what we're doing here is different. The object is to get a TEMPORARY keyfile from some random area within a "mother" file first, use it in SCD's "Mask" function, and erase it after use so that no tell-tales are left; yet still have the ability to replicate it easily. This will eliminate the possibility of anyone connecting a specific file with the Mask operation, since the data could be anywhere.

Enter a larger number in the second line...this one will represent the additional number of bytes to add in order to define the selection...we'll use the position at the 25,000th byte for this example to pad the selection out by another 15,000 bytes:

e.g.

line#1. 10000
line#2. 25000

....and click "OK".

The area in the file which has been defined by "Set Selection" will be highlited; it will be about 14.6kb of the "mother" file in size; and positioned at almost 10kb from the beginning of the "mother" file....and certainly, will be a minimum size for a viable keyfile.

Save this selection out to a RAM-drive, your actual hard-drive, or a floppy; by using "File / Save Selection"...always using the same name for these generated files....such as "help.gid", or "new"....the extension doesn't matter. You can, if you're really paranoid, use Edxors "Format / Flip" menu item to furthur alter the selection while it's highlited; and before saving it out to a separate file. Afterwards, when Edxor asks if you want to "save" this change in the mother file, check "No" and it will close without alteration; in case you're using a mother file which isn't "read only".

Call SCD v1.21 from a command line or batch file to use this temporary keyfile to scramble the keyblock of your target container; using SCD's "Mask" function:

[ scd.exe x mycontainer.svl help.gid 0x2400 ]

...and then ERASE the temp keyfile with Sami Tolvanens "Eraser", or whatever wiper you have.

Just make sure it's completely gone.

To restore the volume, you need only to remember your original "start" number + padding....and the location of the erased keyfiles "mother" to replicate the keyfile; and then run it and the target container through SCD.exe a second time to restore password functions to the container. The selected "mother" files can be different files at every new "Mask" run if you memorise common "start" + pad numbers. The "start" number can be positioned anywhere in the file...and an additional 15,000 bytes to fill out the selection will be adequate for the padding.

This "mother" file can even be the CONTAINER in question, as long as it's not too big for your system RAM to handle when held in Edxor. The fact that a new copy of the keyfile will be generated with completely different data at each run makes the use of a containers dynamic data section to produce one-time "vapor-ware" keyfiles a pretty slick solution when protecting the password mechanisms of smaller containers. Larger containers will need a separate "mother-lode" for such temporary keyfiles, depending upon their size; and your systems RAM. These should, preferably, be "read-only" files of some sort.

In this way, your keyfiles exist only in remembered locations; instead of as virtual objects. They are temporarily actualised to use with Scramdicer's "Mask" function; and then wiped...vaporised...sent to The Great Null directly after.

There will be nothing viable on your drive or media for a searcher to find and compare with anything else; and the process of changing keyfiles will be as simple as deciding upon a new area within any mother file to use for future selections.

As always, practice this on a dummy container until you get it right.

The SCD Team