WinSesame uses the WNS1040 algorithm by
The WNS1040 algorithm is the most powerful available today and
uses the most recent technologies in cryptography.
Type of algorithm:
Lost key symmetric double encryption algorithm with no key length
Double encryption : This algorithm performs 2
encryption passes using different keys.
Symmetric : The same keys
are used to encrypt and decrypt data
Key lost : The encryption
keys or anything that cannot be restored to them are not in the encrypted
Without limitation of key length : Keys are not limited in
length because the difficulty of breaking a protection varies exponentially with
the length of the key.
The WNS1040 algorithm performs a double encryption
of the data.
1st encryption or use of the single encryption algorithm
The first encryption is performed using a key generated from the
character string consisting of the password provided which undergoes several
hashes allowing to obtain from a password of any length an encryption key of the
length data to be encrypted with an infinitely low risk of collision (the number
of collisions is the number of strings of different characters which would give
the same key). Data is encrypted using this key. Then a sequence of
initialization vector dependent permutations generated from another hash of the
password is applied. No fixed data is provided by the program, everything comes
from the password provided.
If only the first encryption is used, the
encrypted data is saved at this stage. The recorded data does not of course
contain any trace of the key used, nor of the password nor of the initialization
vector of the permutation sequence.
There is no possibility of breaking
by looking for the key used. It is clear that at this stage the only possibility
is the brute force attack: a technique consisting of trying all possible
combinations of passwords. For information, a password containing 10 characters
(upper case, lower case, number) offers 8x10 17 possible
In practice, at this level of security, the only means of
attack is to try to find out directly the password used by a back door: spyware,
keyloger etc. installed on the computer unless the password used either the name
of the dog, the first name of the mother etc ... or the same one used for an
insecure service hacked recently.
2nd encryption :
where the second encryption of the WNS1040 algorithm comes in. It proceeds
essentially in the same way as the first but will use instead of a password the
content of any file (for example a photo) called a digital key. The size of the
file is not limited and may even be greater than the volume of data to be
encrypted, but at this level of encryption it is not the most important. The
number of possibilities with a 3MB file would be 7 x 10 7224719 .
The interest is above all to require the availability of this file to open the
To open a file encrypted in this way, you must have the key file
AND know the password.
Typical use of this double encryption
You have a highly confidential folder on your computer
containing files where data that should not be left lying around are stored. You
want to protect this folder very effectively:
Take a photo that you save
to a USB stick, SD card, your phone etc ...
Choose a password that you save
... in your head.
Lock the entire file or folder to be protected using the
password and the digital key file.
When you leave your office you take
your USB key, SD card, phone, etc. If someone knows your password, they don't
have the key. If someone steals the key from you, they don't have the
Usage tips authorized by this algorithm :
you still use the same key file and lock files or folders with different
passwords, you can save the paths to this file in the options window of
WinSesame. This way, provided that the digital key holder is connected to your
computer, you lock and unlock your files and folders as if you had locked them
only with a password. If the digital key is removed no protected file or folder
can be opened.
Protection only by the digital key: In the options of
WinSesame you record the path of the key then you record a password. All files
or dossiers that you lock will use the same key file and the same password which
means that when the digital key is connected to the computer all your protected
files open with a single double click and are closed by WinSesame without having
to provide password. But if the key is not present no WinSesame file can be
Before removing the digital key from your computer, remember to
launch the function to relock any WinSesame files or folders that have been
opened. Because if the unlocking of a WinSesame file is impossible without the
key its locking either.
See the tips regarding the relock function of all
unlocked WinSesame files.
algorithms are available for compatibility with existing documents.
WNS915, AES, 3DES, DES as well as WNS910 (unlock