⚠️ IMPORTANT: Previous versions of Kryptor contain a severe nonce reuse security vulnerability. Please decrypt your files with the previous version before updating. This release contains breaking changes.
This release was not planned and has been rushed, but I discovered this vulnerability yesterday when developing v3.0.0 Beta, and it needed to be fixed as soon as possible. It's a classic case of knowing good practices but failing to implement them correctly. I sincerely apologise for its existence and not spotting it sooner. It's existed ever since the program was released, which is why it went unnoticed. The good news is that it has now been patched, and I will be extra cautious with future versions.
Changelog
- Fixed nonce reuse vulnerability. Switched to a counter instead of a random nonce.
- Now only supporting XChaCha20 for file encryption.
- No longer using associated data to hash the password since there's only one encryption algorithm.
- Removed Shred Files feature.
- Minor code improvements.
- Minor changes to CLI --help.
- Updated website URLs to lowercase.
Instructions & Requirements
Click to view
Running Kryptor
Instructions for running Kryptor can be found here.
CLI Requirements
There are no requirements for Windows, Linux, or macOS. Remember to mark the 'kryptor' file as executable (e.g. 'chmod +x kryptor') on Linux and macOS before running it from the terminal.
GUI Requirements
Windows: .NET Framework 4.8
Linux & macOS: Mono
Building Kryptor
If you'd like to build Kryptor from source, then please download the master branch. Instructions can be found in the README.
Verifying Signatures & Hashes
Click to view
Verifying Signatures
The GPG signatures are attached (the '.sig' files) and so is my public key (the 'kryptor_signing_key.asc' file). Instructions for verifying the signatures can be found here.
Hashes
| Version | SHA256 |
|---|---|
| KryptorGUI - Installer | e6a79b2c80f4ebdfc744bdbccb18ca30899451ca32e5b903cbccc404c764c78f |
| KryptorGUI - Portable | 50060b7f0b7ab851941ff5797508bfe916291877326368a35f590b1e5db362df |
| KryptorCLI - Windows | 0f936a0568a50bc723eef7833991fdea49e333254f6e339803e86be731f99785 |
| KryptorCLI - Linux | d30daa47d6e32b2acac59c7273c1c33fdbddaf725be2fcee7f3a7780ff969d4a |
| KryptorCLI - macOS | 399cb5e720daeb41487f94b8278a60a7b0473e38710b9e4d686b473b6db6795c |