I am thinking of writing an app to encrypt many files before burning to disc. I burnt a disc with TrueCrypt and had problems copying the good files when the volume has bad sectors (http://serverfault.com/questions/48839/backup-on-disc-using-truecrypt-corruption-problem). I am not doing a complex application nor want to replace TrueCrypt and have virtual drives/files.

The idea is to encrypt each file, perhaps without padding so each file is the same size. Some files will be tiny (1-8 bytes, 10 bytes, 20kb, etc.) and I may have thousands, with known file types (png, pdf, doc, etc.). I was thinking to use a salted key "SomethingVeryLongWithAtLeast32CharatersOrMaybeMore" + the user password, using AesCryptoServiceProvider, optionally encrypting the filenames. I don't know how to encrypt it with legal ASCII names, especially when non-ASCII is used, but I thought maybe generating a random unique number and storing the original filename in a file may be a good solution.

I don't know if encrypting many files, especially with known headers/patterns, all with the same key is bad. I was thinking that as an option the app can generate many keys, then encrypt the keys in a file and do a lookup on the keys for each file (or a key shared between X many files). But maybe that's just a waste, since the encryption should be safe even if there are known bytes?

I would like this app to be cross-platform. What security traps might I fall into (small files? many files? small files with known headers? known files?), and what cross-platform C# .NET traps may I fall into that would make it incompatible with Linux (and Mac)?
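The per-file scheme described in the question, sketched as an added example that is not part of the original post: it replaces the fixed string with a random salt per file (PBKDF2), uses a fresh IV per file so known headers encrypted under one password do not produce repeating ciphertext, and appends an HMAC so a damaged file is detected. It assumes .NET 6 or later; the names `DiscCrypto`, `EncryptFolder` and `manifest.bin`, the tab-separated manifest format and the iteration count are illustrative choices.

```csharp
// Added example, not from the original post. Assumes .NET 6+; all names here are hypothetical.
using System;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class DiscCrypto
{
    const int Iterations = 200_000, SaltLen = 16, IvLen = 16, TagLen = 32; // assumed work factor; lengths in bytes
    // Blob layout: salt || iv || AES-256-CBC ciphertext || HMAC-SHA256 of everything before it.
    public static byte[] Encrypt(byte[] plain, string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(SaltLen);   // fresh per file
        byte[] iv = RandomNumberGenerator.GetBytes(IvLen);       // fresh per file
        byte[] keys = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, 64);
        using var aes = Aes.Create();
        aes.Key = keys[..32];                                    // first half: encryption key
        byte[] body = salt.Concat(iv).Concat(aes.EncryptCbc(plain, iv)).ToArray();
        return body.Concat(HMACSHA256.HashData(keys[32..], body)).ToArray(); // second half: MAC key
    }

    public static byte[] Decrypt(byte[] blob, string password)
    {
        if (blob.Length < SaltLen + IvLen + 16 + TagLen) throw new CryptographicException("Blob too short.");
        byte[] salt = blob[..SaltLen], iv = blob[SaltLen..(SaltLen + IvLen)];
        byte[] body = blob[..^TagLen], tag = blob[^TagLen..];
        byte[] keys = Rfc2898DeriveBytes.Pbkdf2(password, salt, Iterations, HashAlgorithmName.SHA256, 64);
        // Verify before decrypting: a wrong password or a damaged sector fails here.
        if (!CryptographicOperations.FixedTimeEquals(HMACSHA256.HashData(keys[32..], body), tag))
            throw new CryptographicException("Wrong password or corrupted file.");
        using var aes = Aes.Create();
        aes.Key = keys[..32];
        return aes.DecryptCbc(body[(SaltLen + IvLen)..], iv);
    }

    // Writes each file in srcDir under a random ASCII name; real names go into an encrypted manifest.
    public static void EncryptFolder(string srcDir, string dstDir, string password)
    {
        Directory.CreateDirectory(dstDir);
        var manifest = new StringBuilder();
        foreach (string path in Directory.GetFiles(srcDir))
        {
            string alias = Convert.ToHexString(RandomNumberGenerator.GetBytes(16));
            File.WriteAllBytes(Path.Combine(dstDir, alias), Encrypt(File.ReadAllBytes(path), password));
            manifest.Append(alias).Append('\t').Append(Path.GetFileName(path)).Append('\n');
        }
        File.WriteAllBytes(Path.Combine(dstDir, "manifest.bin"), Encrypt(Encoding.UTF8.GetBytes(manifest.ToString()), password));
    }
}
```

Each output file is 65 to 80 bytes larger than its input (salt, IV, CBC padding and HMAC), so sizes are not preserved exactly. Deriving a key per file keeps every file independently recoverable but repeats the PBKDF2 cost for each of the thousands of files.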

+2  A: 

Before starting to roll your own file encryption application, would it not be easier to just confirm that the TrueCrypt volume is OK after it is written to the disc, or use something else like 7Zip to back up and encrypt the files?

Eoin
I'll consider using 7z instead if I can automatically encrypt files and have the option to encrypt names. But does 7z have secure encryption? Can it be broken with a few high-end computers and a few days/hours (or weeks)?
acidzombie24
7Zip uses AES-256, which appears to still be secure, although I don't think the filenames are encrypted, but if a high level of security is this important for you then I've yet to see anything come close to TrueCrypt.
Eoin