What's new? | Help | Directory | Sign in
Google
javeau
Encrypted storage tool, free and cross-platform
Project Home
  
Downloads
  
Wiki
  
Issues
  
Source
    
Search
for
Updated Feb 03, 2008 by germano.rizzo
Labels: FAQ, Featured
FAQ  
Frequently Asked Questions

Is it usable already?

Yes, of course. Check the Downloads section... :)

Wow! So can I trust it for all my data?

Ahem... would you trust something with a version number so small?? I'm using it for everything I have to protect, so I should spot all the most outstanding bugs - but I haven't tried it in every corner case possible.

Feel free to help me! :)

I can't do anything in the interface.

Try right-clicking on a pane.

It says "Secure folder already in use".

You can't open the same folder two times at once. If the VM goes down abruptly while you were using a secure folder, the lock file remains in the physical folder. Just access the physical folder with a normal file manager and remove the file named 'lock'.

"Malformed file"? Have I lost everything?

Probably not. The "index" file that stores the filesystem got corrupted, for some reasons; you should still have a backup, tough.

To restiore it, open the physical folder on the filesystem with a normal file manager, rename "index" in "index.corrupted" (just to be sure), and "index.bak" in "index". Then try re-opening the secure folder with Javeau. You'll probably have lost the latest change you made, but better that than everything...

Anyways, contact me: it shouldn't happen.

Java 6? What about OS X users?

Since a Java 6 JDK for OSX is underway, I don't see the need to support Java 5. Still, it would require few modifications to the code, so let me know if you're interested.

You say 256 bit security. Can you give more details, please?

The algorithm used is Phelix. It has 256 bit security, as said, and guarantees privacy and authentication of data in one primitive. It's also very fast in Java, the complexity is low, and is patent-free... so it seemed an ideal choice.

Phelix?? But it's insecure/broken/wounded!

Not true: the program avoids to use it in an insecure way. More specifically, there's an attack for Phelix that recovers the key, but only if the nonce (IV) used for encryption is repeated. Javeau takes care never to repeat the nonce, so the algorithm is perfectly safe. We could make a bet :).

It's true, however, that Phelix is young, and not studied well. It's difficult to think that anyone has got an unknown attack, since many bright minds have studied it and found no exploitable flaws; but it could be. So, Javeau will support other ciphers in the near future.

You state it's safer than AES. Heresy!

Maybe it's a bit overstated :) AES is a solid algorithm, while Phelix is still not studied much... Anyways, AES suffers from a number of side-channel attacks, as pointed out by D.J.Bernstein et al.; so it's not the Panacea Universalis...

Anyways, I don't like it. Will you support more ciphers?

Yes, but it's not easy to find a compact, fast and secure cipher with authentication. AES in EAX mode would probably do, but it's quite slow in Java. Feel free to write me for suggestions!

I'm an amateur in Java. Can I take your code as an example?

Yep sure. It's GPL3, tough, so you'll have to respect the terms of the license.

What IDE did you use?

Eclipse for the program (you can check out from SVN an Eclipse project). The GUI is designed with NetBeans and imported into Eclipse.


Sign in to add a comment