Secure, Air-Gapped Encryption: Deploying Custom Encryption for Non-Technical Enthusiasts
Aaron Smith & Carl Block
The recent NSA leaks by Edward Snowden have caused those with sensitive material, specifically journalists, to take a more cautious approach to encrypting their content. One such method is called "air-gapped encryption." In this method, the journalist has 2 computers: one that has never made contact with the internet and another that has. The air-gapped computer, the one that has never been connected to the internet, is used to create and encrypt documents, which will be transferred to the other computer by USB to be sent.
If a government knows that it wants to compromise someone's private data, the most effective way of doing so is to compromise the data before it can be encrypted for transmission. This requires that the data be stolen straight off of the hard drive, and the best way to do that is by infecting the computer via the internet. An air-gapped computer ensures that a virus has not been installed and that no data has been taken before encryption.
Given that air-gapped encryption requires two computers, there is a significant cost. Our goal with this project is twofold: first, to decrease the cost of implementing secure air-gapped encryption by making encryption software available on a $30 Raspberry Pi, and second, to simplify the encryption process so that it requires no technical knowledge.
Because the National Security Agency has clearly compromised every encryption algorithm currently available on the market (sarcasm intended), we will be writing our own encryption algorithm. The encryption process contains two distinct steps. First, the message will be encrypted using a Hill Cipher padding scheme. We will use the methods taught to us in Linear Algebra to dissect the message into manageable parts, create a suitable matrix, and encrypt the message sections with the matrix. When creating the encryption matrix, we must take the necessary steps to ensure that the resulting matrix has an inverse that does not contain any fractions.
After the message has been padded, we will use a custom, simplified public key encryption method to encrypt both the padded message and the hill cipher in a string. A public key encryption method uses a public key that is accessible to anyone, and encrypts a message using a formula with that public key. This is very hard to decrypt unless you have the private key, which will only be known to the recipient. Once this method is performed on the padded message and hill cipher, the message can be safely sent to the recipient.
When the message is received, the first layer of encryption will be removed using the private key. Then, the matrix will be separated from the message in the transmitted string. Finally, the matrix will be inverted and used to decrypt the message string.
This system will be built in two components: The encryption algorithm and the front end. The encryption algorithm described above will be implemented in a Python script. The front end will be built using Pyramid, a framework that combines Python, HTML, and CSS.
The front-end of the application will have a page for generating a public-private key pair, which will in turn execute the corresponding portion of the Python script. The main portion of the application will be for uploading encrypted messages to be decrypted and uploading unencrypted messages to be encrypted. It will be a simple drag-and-drop mechanism to keep user-interaction simple.
The front end software can be easily installed on a Raspberry Pi and run through a browser.