Community
    • Login

    Encryption works, but how to protect file from edits using key

    Scheduled Pinned Locked Moved Help wanted · · · – – – · · ·
    5 Posts 4 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Kavin SoodK
      Kavin Sood
      last edited by

      I wanted a secure text file with personal information protected. Using securepad, i am able to encrypt text to garbled nonsense which cannot be decrypted without a key, but it doesn’t prevent anyone from just deleting or messing around with the file.

      Example:

      hehe this is my secret file
      

      with a key of 1234 will become

      B07D1AB4EBADF4F2C69190EC8770CD1A3E9CBF5E94E57905CB1DC62E791BBAF2
      

      which is great, but i can edit this file and add whatever I want, so when I decrypt it, random nonsense is included, like

      hehe this is my secret f뉀GXŸªǐ®¹ѷ_nmb»fDÁaߞø:þ
      

      So what can be done here? Any plugin within npp++ would be great. Or will it have to involve other programs? If you also regularly use password protected text files in any other app, please let me know.

      Alan KilbornA PeterJonesP dinkumoilD 3 Replies Last reply Reply Quote 0
      • Alan KilbornA
        Alan Kilborn @Kavin Sood
        last edited by

        @Kavin-Sood said in Encryption works, but how to protect file from edits using key:

        So what can be done here?

        Not really sure what you’re asking for, or what your expectation is.

        If I had to guess, I might suggest making your file read-only after you encrypt it.

        1 Reply Last reply Reply Quote 1
        • PeterJonesP
          PeterJones @Kavin Sood
          last edited by

          @Kavin-Sood said in Encryption works, but how to protect file from edits using key:

          but it doesn’t prevent anyone from just deleting or messing around with the file.

          There is nothing you could do in Notepad++ (or any other text editor, for that matter) to prevent the editor from editing the text that you open in the editor (unless the file is read-only, but any tech-savvy person can bypass read-only file status in a Windows environment that they have control over).

          The better idea is to encrypt and sign your secure text file; by checking the signature, you can tell whether the message has been edited. (This is what Don Ho allows users to do when he makes the gpg signature for Notepad++ – see the most recent download – we can compare the downloaded binary to the signature, and make sure the file hasn’t been changed, and we can check that the person who signed it has access to Don Ho’s private signing key, thus knowing he is the one who published the signature). Since you cannot prevent the file from being modified, you can at least let yourself know if it has been modified, so you know whether to trust it or not.

          Kavin SoodK 1 Reply Last reply Reply Quote 3
          • Kavin SoodK
            Kavin Sood @PeterJones
            last edited by

            @PeterJones hmm that seems like what I will have to do. Using gpg signature and keeping backups. Thanks!

            1 Reply Last reply Reply Quote 1
            • dinkumoilD
              dinkumoil @Kavin Sood
              last edited by

              @Kavin-Sood

              There is an en-/decryption plugin for Notepad++ called NppCrypt. You can find it when looking into Plugins Admin. It is available for 32 bit and 64 bit versions of Notepad++.

              The plugin supports various encryption methods and is able to add an HMAC to authenticate the encrypted document. This way it is not possible to change the encrypted document anymore, its decryption will fail. That means you need backups of your encrypted documents.

              Set up in a desired way, the plugin is able to automatically decrypt encrypted documents when they are opened and to automatically encrypt them when they are saved.

              Important hint: If the plugin author updates the plugin (happens very rarely), the new version might fail to decrypt documents encrypted with an old version of the plugin. This already happened two times in the past.

              1 Reply Last reply Reply Quote 3
              • First post
                Last post
              The Community of users of the Notepad++ text editor.
              Powered by NodeBB | Contributors