Software:Acid Cryptofiler

From HandWiki
Short description: Cryptographic software program
Acid Cryptofiler
Original author(s)Centre d'Electronique de l'Armement
Developer(s)ACID Technologies (France)
Operating systemWindows
TypeCryptography

Acid Cryptofiler is a cryptographic software program designed by the department for "control of information" (Centre d'Electronique de l'Armement) of the French General Directorate of Armament (Direction générale de l'armement).[1][2][3] It is an online storage service.[4][contradictory] The software is now manufactured by ACID Technologies (France).[2]

History

Acid Cryptofiler is on a list of cryptographic software approved for usage by the European Union and by the North Atlantic Treaty Organization,[2][5] and is known to have been used by those organizations as well as by the European Parliament and European Commission since the summer of 2011.[6] It was approved for usage in the EU, in version V7, on 29 September 2011.[2]

In January 2013, as the Red October campaign was being discovered, researchers noted that the malware particularly targeted documents with .acid extensions, referring to documents processed by Acid Cryptofiler,[2][6][4] including the file extensions acidcsa, acidsca, aciddsk, acidpvr, acidppr, and acidssa.[7]

Overview

Acid Cryptofiler is based on the integration of government cryptographic libraries, including a CCSD API (CCSD means "Defense Security Cryptographic Layers"). It offers the following functions:

  • Asymmetric encryption (cf. public-key cryptography) in archive format (multi-file, multi-recipient) called Acid Archives.
  • Volume encryption (containers) in symmetric mode and asymmetric mode.

Acid Cryptofiler is delivered with a directory function to file public keys, that is compliant with LDAP and Active Directory.

A bunch file contains all public keys held by a user. A user can belong to different cryptographic domains (a domain is a CCSD library and a set of cryptographic parameters). Private keys are also stored in a bunch file.

The keys are generated by a centralized office under the responsibility of the chief information security officer. Before a user is given a key (or a pair of keys), he/she must be trusted by the centralized office.[citation needed] In France, Acid Cryptofiler does not fit for defense classified information.[3][verification needed]

Acid Cryptofiler was designed and developed by two military engineers of[citation needed] the Direction générale de l'armement.[3] It has been delivered since 1999 (version 4, 5, and 7).[citation needed]. It runs on Microsoft Windows.[3] The software is classified.[8]

According to a book by Gérald Bronner, Acid Cryptofiler was so slow that sending an email took 10 minutes.[9][unreliable source?]

References

  1. "CNRS Sécurité informatique n°11 march 2011" (in fr). March 2011. http://www.dgdr.cnrs.fr/fsd/securite-systemes/revues-pdf/Si11.pdf. 
  2. 2.0 2.1 2.2 2.3 2.4 Zetter, Kim (14 January 2013). "Cybersleuths Uncover 5-Year Spy Operation Targeting Governments, Others" (in en-US). Wired. ISSN 1059-1028. https://www.wired.com/2013/01/red-october-spy-campaign/. Retrieved 6 September 2021. 
  3. 3.0 3.1 3.2 3.3 Pierre, BARTHELEMY; Robert, ROLLAND; Pascal, VERON (2012-04-16) (in fr). Cryptographie: principes et mises en œuvre / 2ème édition revue et augmentée. Lavoisier. ISBN 978-2-7462-8816-4. https://books.google.com/books?id=-4u9AgAAQBAJ&dq=%22Acid+Cryptofiler%22&pg=PA179. 
  4. 4.0 4.1 Valeriano, Brandon; Maness, Ryan C. (2015-04-27) (in en). Cyber War versus Cyber Realities: Cyber Conflict in the International System. Oxford University Press. ISBN 978-0-19-020480-8. https://books.google.com/books?id=HuWkBwAAQBAJ&dq=%22Acid+Cryptofiler%22&pg=PA183. 
  5. "List of approved cryptographic products (LACP) for protecting EU Classified Information (EUCI)" (PDF). 5 July 2021. https://data.consilium.europa.eu/doc/document/ST-5335-2021-REV-5/en/pdf. 
  6. 6.0 6.1 Storm, Darlene (2013-01-14). "Red October 5-year cyber espionage attack: Malware resurrects itself" (in en). https://www.computerworld.com/article/2474163/red-october-5-year-cyber-espionage-attack--malware-resurrects-itself.html. 
  7. "Unknown hackers stealing EU files for past five years" (in en). https://euobserver.com/institutional/118729. 
  8. Walker, Danielle (15 January 2013). ""Red October" spy campaign uncovered, rivals Flame virus". http://www.scmagazine.com/red-october-spy-campaign-uncovered-rivals-flame-virus/printarticle/276016/. 
  9. Bronner, Gérald (2019-03-20) (in fr). Déchéance de rationalité: Les tribulations d'un homme de progrès dans un monde devenu fou. Grasset. ISBN 978-2-246-81281-4. https://books.google.com/books?id=oy-ODwAAQBAJ&dq=%22Acid+Cryptofiler%22&pg=PT61. 



Retrieved from "https://handwiki.org/wiki/index.php?title=Software:Acid_Cryptofiler&oldid=2784903"