6.7 KiB
Features Under Consideration
- Get Picocrypt audited (please donate to help fund the audit)
- Tweakable Argon2 parameters (with lower bounds)
- Hidden volume like VeraCrypt (thanks u/greenreddits)
- CLI (thanks u/your_username)
v1.XX (a future release)
- File name encryption
- Customizable Argon2 parameters
- Associate .pcv file extension with Picocrypt
- Generate checksums for text
- Replace show password button with an eye icon
- Add start button to shredder (improve user flow)
- Make UI more consistent (minor DPI issues)
- Improve Reed-Solomon performance
v1.17 (ETA: 1 week)
Note: v1.17 will be incompatible with 1.16 (and therefore 1.15 and 1.14).
- ✓ (abandoned due to UI issues with ASCII codes >128) Extended ASCII set in password generator
- ✓ Tooltips for all advanced options
- ✓ Localization support (use system default where possible)
- ✓ Auto detect system locale, fallback to English
- ✓ Fix ETA negative number bug
- ✓ Add clear button to password field
- ✓ Multiple keyfiles support and DND
- ✓ Option to require specific keyfile order
- ✓ Keyfile generator
- ✓ Make sure only one of "Fast mode" and "Paranoid mode" can be enabled
- ✓ (abandoned because this could cause issues with different language characters) Filter invalid charaters and emojis out of "Save as" text entry
- ✓ Fix bug where metadata says "read-only", but the textbox is modifiable
- ✓ Add option to delete encrypted files after decryption
v1.16 (Released 08/11/2021)
- Fixed bug when entering a wrong password when decrypting a splitted file
- Fixed bug where an existing file is delete when a wrong password is used
- The password generator is now customizable
- Make keyfile support more reliable (keyfile now out of Beta)
- Fix keyfile user flow issue
- Bug fixes
- UI fixes improvements
v1.15 (Released 08/09/2021)
- Add cancel button to file shredder and custom number of passes
- Password generator
- Make password strength circle start at top
- Fix shredder UI bugs
v1.14 (Released 08/07/2021)
v1.14 will unfortunately be incompatible with v1.13, as I have dropped Poly1305 in favour of an HMAC. Because I have appended the encryptor version to the encrypted data in v1.13, however, v1.14 and on will be able to tell you which version your data was encrypted with so that you can fetch the correct verion of Picocrypt. There are no security issues in any previous versions of Picocrypt as long as you use a strong password.
- Low-severity security fix for the recently discovered partitioning oracle attacks
- Move from Monocypher to Go's standard supplemental ChaCha20 in favour of being the latter being stateful
- Add SHA3 (normal mode) and BLAKE2b (fast mode) as HMAC to replace Poly1305 and prevent partitioning oracle attacks
- Removed ~100 lines of unnecessary code now that Picocrypt uses Go's ChaCha20 (cleaner and stabler code)
- Added window icons
- Switch to a new Reed-Solomon encoder that automatically corrects errors
- Add a "Paranoid mode", which will use the Serpent cipher in addition to XChaCha20
- Cleaner code with plenty of comments for people taking a look
- Metadata is now Reed-Solomon encoded (everything bit of header data is now RS-encoded for redundancy)
- Reed-Solomon checkbox is now enabled and Reed-Solomon works
- Implemented Dropbox's zxcvbn password strength checker
- Removed paranoid shredding as it is too hard to implement correctly and not cross platform
- Fixed Windows zip extract error notice that doesn't appear in 7-Zip (edit: it was a backslash and forwardslash issue)
- Optional shred temporary files checkbox
- Remove BLAKE3 from the checksum generator tab, as it has no practical use and requires a non-standard library
- Advanced options are shown dynamically depending on whether encrypting or decrypting
- Window closing disabled during encryption/decryption/shredding to prevent leakage of temporary files
- Reduce padding of metadataLength from 10 to 5 (you probably won't type more than 99999 metadata characters)
- Use regex to check if an input file is a valid Picocrypt volume or not (during decryption)
- Improved user flow as well as fix UI bugs
- Code optimizations
- Many bug fixes/stability improvments
v1.13 (Released 5/29/2021)
Note: v1.13 will be INCOMPATIBLE with all previous releases! This will likely be the last change in the header format, meaning that all future releases should be compatible with v1.13 and on.
- Picocrypt has been ported from Python to Go, thus completely rewritten
- Added fast mode, which can achieve ~250MB/s
- Added file shredder and file checksum generator
- Automatically checks for newer versions
- Added file chunking support
v1.12.1 (Bug fix patch, released 04/11/2021)
There was a major bug in v1.12 that caused the "Secure wipe" feature to show "Unknown error" when done. This wasn't anything serious security-wise and v1.12.1 has the fix for this bug. Also, a bug that causes "Secure wipe" to hang has been fixed.
v1.12 (Released 04/07/2021)
- Beautiful UI
- More than x2 as fast as previous versions
- Add cancel button to cancel encryption/decryption
- (Bug) Delete existing file only if password is correct
- Minor aesthetic fixes
- Complete rewrite from scratch, to ensure reliability and security
- Better anti-corruption (re-defined header format)
- Switch to Argon2d instead Argon2id for better security
- Switch from SHA3 to BLAKE3 for corruption check
- Better user flow
v1.11 (released 03/23/2021)
- Much more secure wipe via
sdelete64
for Windows,shred
for Linux, andrm -P
for MacOS - Much more beautiful UI for MacOS
- Robust secure wipe support for drag and dropped files/folders
- Only open input files in read mode, since write mode is unnecessary
- Clean up source code, add better comments
- New: Drag and drop support (multiple files, a folder, a file and a folder, etc.)