Acid Cryptofiler is a cryptographic software program designed by the department for "control of information" (Centre d'Electronique de l'Armement) of the French General Directorate of Armament (Direction générale de l'armement).[1][2][3] It is an online storage service.[4][contradictory] The software is now manufactured by ACID Technologies (France).[2]

Acid Cryptofiler
Original author(s)Centre d'Electronique de l'Armement
Developer(s)ACID Technologies (France)
Operating systemWindows
TypeCryptography

History

edit

Acid Cryptofiler is on a list of cryptographic software approved for usage by the European Union and by the North Atlantic Treaty Organization,[2][5] and is known to have been used by those organizations as well as by the European Parliament and European Commission since the summer of 2011.[6] It was approved for usage in the EU, in version V7, on 29 September 2011.[2]

In January 2013, as the Red October campaign was being discovered, researchers noted that the malware particularly targeted documents with .acid extensions, referring to documents processed by Acid Cryptofiler,[2][6][4] including the file extensions acidcsa, acidsca, aciddsk, acidpvr, acidppr, and acidssa.[7]

Overview

edit

Acid Cryptofiler is based on the integration of government cryptographic libraries, including a CCSD API (CCSD means "Defense Security Cryptographic Layers"). It offers the following functions:

  • Asymmetric encryption (cf. public-key cryptography) in archive format (multi-file, multi-recipient) called Acid Archives.
  • Volume encryption (containers) in symmetric mode and asymmetric mode.

Acid Cryptofiler is delivered with a directory function to file public keys, that is compliant with LDAP and Active Directory.

A bunch file contains all public keys held by a user. A user can belong to different cryptographic domains (a domain is a CCSD library and a set of cryptographic parameters). Private keys are also stored in a bunch file.

The keys are generated by a centralized office under the responsibility of the chief information security officer. Before a user is given a key (or a pair of keys), he/she must be trusted by the centralized office.[citation needed] In France, Acid Cryptofiler does not fit for defense classified information.[3][verification needed]

Acid Cryptofiler was designed and developed by two military engineers of[citation needed] the Direction générale de l'armement.[3] It has been delivered since 1999 (version 4, 5, and 7).[citation needed]. It runs on Microsoft Windows.[3] The software is classified.[8]

According to a book by Gérald Bronner, Acid Cryptofiler was so slow that sending an email took 10 minutes.[9][unreliable source?]

References

edit
  1. ^ "CNRS Sécurité informatique n°11 march 2011" (PDF) (in French). March 2011. Archived from the original (PDF) on August 15, 2012. Retrieved August 11, 2013.
  2. ^ a b c d e Zetter, Kim (14 January 2013). "Cybersleuths Uncover 5-Year Spy Operation Targeting Governments, Others". Wired. ISSN 1059-1028. Retrieved 6 September 2021.
  3. ^ a b c d Pierre, BARTHELEMY; Robert, ROLLAND; Pascal, VERON (2012-04-16). Cryptographie: principes et mises en œuvre / 2ème édition revue et augmentée (in French). Lavoisier. ISBN 978-2-7462-8816-4.
  4. ^ a b Valeriano, Brandon; Maness, Ryan C. (2015-04-27). Cyber War versus Cyber Realities: Cyber Conflict in the International System. Oxford University Press. ISBN 978-0-19-020480-8.
  5. ^ "List of approved cryptographic products (LACP) for protecting EU Classified Information (EUCI)" (PDF). data.consilium.europa.eu. 5 July 2021. Archived from the original on 2021-09-06. Retrieved 6 September 2021.
  6. ^ a b Storm, Darlene (2013-01-14). "Red October 5-year cyber espionage attack: Malware resurrects itself". Computerworld. Retrieved 2021-09-06.
  7. ^ "Unknown hackers stealing EU files for past five years". EUobserver. Retrieved 2021-09-06.
  8. ^ Walker, Danielle (15 January 2013). ""Red October" spy campaign uncovered, rivals Flame virus". Archived from the original on 9 October 2015. Retrieved 6 September 2021.
  9. ^ Bronner, Gérald (2019-03-20). Déchéance de rationalité: Les tribulations d'un homme de progrès dans un monde devenu fou (in French). Grasset. ISBN 978-2-246-81281-4.