This project has moved and is read-only. For the latest updates, please go here.

Text Shredder – Personal Encryption Tool

Text Shredder Version 1.1 Now Available. If you are getting this version, you need to make sure your recipient is using the same version.

Text Shredder is Open Source and released under the Gnu Public License Version 3.0. The source code is available at Codeplex.

Text Shredder is written by Stephen Haunts. Stephen Maintains a blog called {Coding in the Trenches}.

If you find this tool useful, then you may like my other open source tool, Safe Pad, the encrypted text editor.

Text Shredder is a utility that simplifies encryption and decryption of plain text data. Plain text data is encrypted and can then be easily copied to the clipboard or saved as a text file. This text file can then be sent via your normal instant chat/messenger programs or email.

Text Shredder - Personal Encryption Tool

Text Shredder allows you to set up to 2 passwords (the 2nd password is optional). These passwords are then used to create a strong encryption key which is used to encrypt your text using the industry standard FIPS Certified AES algorithm (Advanced Security Standard). 

Why Text Shredder

Sometimes you need send secret messages to another person(s) but you are worried about security. You may be on a network where you don’t have any control over security settings like a corporate network, or a public wifi network. You may not trust sending sensitive data over your work email, or your web mail. Even though these systems may be encrypted, someone else has control over the keys so could potentially read your messages.

Another reason to use Text Shredder is that you may not have administrative rights on the machine you need to send messages from. Tools like GPG4Win require admin rights on the machine to run the installer. Text Shredder is truly portable, you do not need to  run an installer file and you do not need administrative privileges to run the tool. Tools like GPG4Win, whilst they are very good they can be quite tricky to set-up for people who are not experienced in dealing with security certificates etc. Text Shredder is designed to be very easy to use by just about anyone, even with only very basic computing skills.

Basic usage process with Text Shredder

Text Shredder is a simple utility that allows you to encrypt text using industry standard FIPS Certified AES Encryption algorithms. You can then paste this encrypted text or text file into you email or chat messages. This essentially gives you another layer of message based security on top of what is already provided.

Text Shredder - Personal Encryption Tool

 

The recipient of your message then loads up Text Shredder, types in the same password(s) (you need to agree these before hand), and then they can decrypt and read the message. Text Shredder is designed to be very easy to use and portable (no installer required). You can just carry the binaries for Text Shredder with you on a USB stick, or easily download it from a private server.

Text Shredder is useful if you need to :

  • Send a message over an un-encrypted network.
  • Send a message over an encrypted network that you don’t trust.
  • Send a message via email / webmail and you are worried about who could potentially read you messages.
  • Send a message via instant messenger / chat.
  • You need to get confidential information into or out of a company without anyone being able to read it.

Features

Text Shredder - Personal Encryption Tool

 

Text Shredder has the following features:

  • Encrypt plain text using password-based encryption.
  • Decrypt text using password-based encryption.
  • Encrypt / Decrypt using the following algorithms, BCrypt, AES 256, Rfc2989 Password-based Key Derivation Function.
  • Application themes with low contrast last and dark colours to make it harder for people looking over your should to read text on your screen.
  • Password entry box that allows up to 2 passwords to be entered.
  • Password entry box also has an on screen keyboard to help mitigate key loggers.
  • Load plain text files into the application.
  • Save encrypted cipher text to a file.

 

Release Notes for Version 1.1

  • Added a HMAC to the encrypted message. The ciphertext + original salt is HMACed using the AES key. When the message is decrypted, the HMAC is recomputed and compared to the original. If it doesn't match then the message has been corrupted or tampered with.
  • Removed BCrypt from the internal password hash. After peer review it was deemed un-neccesary as a PBKFD (Rfc2898) is used with 70,000 iterations to generate the AES key.
  • When setting up the AesCryptoServiceProvider, make the cipher mode and padding schemes more apparent. This application uses AES set to CBC mode with PKCS7 padding.
  • Add a word wrap option to the file menu. This enables/disables word wrap on all the text boxes.
  • When the user first loads up Text Shredder, show an upgrade warning stating that their message recipients must be using the same version of the tool. They can click on a "Do not show this again" checkbox to disable the warning then they next run the program.

Last edited Apr 1, 2014 at 2:12 PM by stephenhaunts, version 20