Azrar

Most of today's cryptographic standards will be broken with tomorrow's computational power.

Azrar (ˈazrɑː) is a user-friendly tool for the encryption/decryption of single files - preferably compressed archives like zip or tar.gz - addressing long-term data secrecy. Thus, Azrar provides the possibility to use webspace and/or email for secure data transfer between two communication/transfer partners.* In times of cloud computing and distributed subcontractors these services offer the possibility to link all branch offices together in a business environment.

However, this comfort facilitates industrial espionage. Especially when highly sensible data are stored on server of third-party supplier we should not trust in the irrelevance of our information or that it seems to be impossible for attacker to obtain our data without our passwords or keys.

Not only security agencies - see this article or this article for two examples of the recently uncovered spy activities related to the NSA - can have many ways to gain your values - and your information may be still valuable if the used encryption is broken in a few years.

Also if you believe in the global irrelevance of your data - not only competing enterprises practice industrial espionage but it is rumored that also the NSA engages in it.

Figure: Azrar under Windows XP after file encryption.
Azrar has been developed with the following aims to meet business requirements:
  • Data in encrypted files are secret/private indefinitely.
  • Azrar supports integrity checking and verification of the transferred data.
  • Azrar supports the user in checking the correctness of entered information.
  • Azrar does not change the system configuration. In fact, Azrar does not have to be installed. It does not store anything on harddisk - except for key generation.
  • Azrar supports several operating systems natively. There are different versions of Azrar for each operating system. Azrar does not require a runtime environment.
  • Azrar is free software, see license. Everyone is invited to review the source code and to employ and to validate Azrar.

More information can be found in

Azrar's manual and documentation.



* Network and email transfer is not yet included in the current version of Azrar itself and must be done manually via, e.g., sftp etc.