Grand Key System
   The Grand Key system is a method of using a single encryption key for multipal files while retaining the ability to quickly change the passphrase protecting those files.
   One drawback of using plain pass phrase fill encryption is the problem of changing the pass phrase.  Once files are encrypted based on a pass phrase, they have to be deciphered and then reencrypted using the new pass phrase.  This can be a problem for regulear pass phrase changes, especialy with large files.
   A solution for this problem is to use a master key, generated at random, to encrypt files.  This master key is then protected with a pass phrase.  Now, if many encrypted files need to have the pass phrase changed, it can simply be changed by modifying the pass phrase that protects the master key.
   In the grand key system, sevral grand keys are stored in a single file, a unit is provided retreive key from this file and a brute forcing program to demonstrate the strength of varuous key lengths.  The grand key main program is an interface for adding, modifying and removing master keys.  The grand key unit provides functions for requesting, verifying and retriving the master key for the purpose of encryption.
   The inner workings of the grand key system center around message digest algorithm.  For the example, MD5 has been chosen, although any message digest would work.  When a new master key is created, it is assigned a name and given a pass phrase to protect it.  The master key itself is chosen at random.  The size of the master key is that of the message digest algorithm.  The size relationship isn't necessary, but makes the example easyer to follow.  

Each master key is saved to a grand key file with a record format as follows:
  Key name
  Key salt
  Master key
  Confermation salt
  Confermation hash

   The 'master key' is saved encrypted by expanding the passphrase and XORing the hash output with the master key.  That is:
    Encrypted key = ( KeySalt + Passphrase -> MessageDigest -> HashOutput ) xor MasterKey
   By using a key size equal to the size of the message digest, we can simply encrypt the master key by XORing it with the expanded pass phrase.  
   Sence the acualy master key is random, it is imposibal to tell if a passphrase is collectly deciphering the key or not.  The confermation hash is the solution.  When the master key is generated, a second salt value is chosen.  This system is used to generate the confermation hash and check a passphrase:
     ConfermationSalt + Passphrase -> MessageDegest -> ConvermationHash
   If used to check a passphrase, the output of the message digest should match the convermation hash.  In the event this isn't ture, the passphrase is not the one used to do encryption.
Some things to note with this system:
  It is very important to have a good, sucure random number.  The master keys generated should be compleatly unpredictibal or all data encrypted with the master key will suffer from it's weakness.  Great care should be taken to cover the tracks of the random number generator to be sure an atacker can not ever reproduce the random number stream of the generator.  Otherwise, it may be posibal to reproduce the master key without having to bruteforce anything.
   The random data is equaly important for the two salt values.  It is important that the convermation salt be diffrent from the key salt.  If not, the convermation hash would be the XOR stream used to protect the master key-- and that would cercomvent the entire system.
  Care should be taken that the master key is never kept in an unencrypted state.  Don't view it, write it down or even keep backups.  It's best the master key be kept in one place so if the passphrase protecting it ever needs to be changed, that can take place without the risk of an old passphrase working on an old copy.  It's a toss up of safty vs sucirity, but such pratices are up to the owner of the data.
   This system takes into account any other system that will use a master key will also salt and expand the key.  This is especialy important for stream ciphers (such as with file encryption) as the result of using the same encryption key will lead to generating the same random stream-- a very bad thing.

Again, although this is a fully working system, it is intended to be an example, not a solution.

   The brute forcing system included in the archive is ment to demonstrate how a brute force atack can be launched agenst this system.  It isn't the fastest system, but it can crack small keys relitively quickly. 

Copyright ©2001-2005, Punkroy. Bla, bla, bla...