Covert

Major new features are included in this release:
* Forward Secrecy in conversations, making Covert the first offline messaging tool to implement that and the only one that conceals both the sender and the recipient, leaking no metadata.
* ID store for keeping permanent public keys and Forward Secrecy temporary keys.
- Avoids having to enter keys on command line, where identities stored on disk may be used by name
- Signature verification shows ID names for known keys
- Storage is protected by a Master ID passphrase that by default is 5 random words but can be changed
- See covert id --help
* Greatly improved CLI command help including colour and sub command help.
* Changes in signatures breaking compatibility with versions prior to 0.7.0. The current implementation is intended to be stable.
* Large number of bug and usability fixes, other improvements, increased test coverage, refactoring and more typing.

The main purpose of this release is for developers to start testing forward secrecy and ID store in actual use. Although their implementation is not stable, we need real world testing to guide further development. Please report anything that you find unclear or buggy, as well as ideas for improvement especially on user interface.

Both parties of a conversation need to have ID stores enabled to initiate a conversation with Forward Secrecy. The initial message sent uses standard public key cryptography, and unless the peer has ID store enabled, any replies to it are also not secured against key breaches. The protocol used is based on Signal's Double Ratchet with header encryption.

The GUI does not yet support the use of ID store, planned to be included in later versions once the system stabilises. Due to lacking agent support Covert will ask for ID store passphrase on each run but this is also subject to change such that the ID store may stay unlocked for a while and avoid frequent passphrase prompting.

We also like to thank our two new developers who have done valuable maintenance work and contributed to improved CLI help.

What's Changed
* Added Montgomery module and minor changes in Elliptic module by covert-encryption in https://github.com/covert-encryption/covert/pull/67
* Minor fixes on key parsing, typing and additional tests by covert-encryption in https://github.com/covert-encryption/covert/pull/76
* Fix blockstream decryption bug causing signature verification failures by covert-encryption in https://github.com/covert-encryption/covert/pull/80
* Add some tests by MarionetteAccount in https://github.com/covert-encryption/covert/pull/83
* Upgrade dependencies to avoid a problem with GUI not starting by covert-encryption in https://github.com/covert-encryption/covert/pull/84
* List supported key formats and examples in usage by heikkiorsila in https://github.com/covert-encryption/covert/pull/78
* Implement ID store in a file by covert-encryption in https://github.com/covert-encryption/covert/pull/81
* Add more typing by MarionetteAccount in https://github.com/covert-encryption/covert/pull/86
* Refactor CLI as a submodule with cli.py broken into smaller modules by covert-encryption in https://github.com/covert-encryption/covert/pull/87
* Improve covert dec UX with passphrases and ID store by covert-encryption in https://github.com/covert-encryption/covert/pull/88
* Second phase of ID store implementation by covert-encryption in https://github.com/covert-encryption/covert/pull/89
* Passphrase wordlist word "joint" replaced by "joe" to avoid confusion with some combinations like "jointrace" and "jointramp"

New Contributors
* MarionetteAccount made their first contribution in https://github.com/covert-encryption/covert/pull/83
* heikkiorsila made their first contribution in https://github.com/covert-encryption/covert/pull/78

**Full Changelog**: https://github.com/covert-encryption/covert/compare/v0.6.0...v0.7.0

It has been a few weeks since our last release but despite the holiday season we have been working and are proud to publish another big "minor" update in the form of 0.6 (with further patch releases expected in rapid succession). This is a breaking change for everything related to public keys.

This release implements **Dirty Elligator 2**, which is a system of ephemeral key creation and hiding. Covert had previously implemented the Elligator 2 algorithm in an effort to avoid any distinguishability from random data. Well, it turned out to be trickier than expected, as there still was a leakage of 3 bits in the form of Elliptic Curve subgroup selection. Actually, anyone who cares for that much technical detail should check out the [issue](https://github.com/covert-encryption/covert/issues/55) and [PR](https://github.com/covert-encryption/covert/pull/61) related to that, as there is plenty of highly educational discussion there. It should be noted that 0.6.0 uses our custom Python implementation of Ed25519 due to libsodium's shortcomings but that we are already working on making it instead use the excellent [Monocypher](https://monocypher.org/) library for such calculations (obviously also for better security).

Signatures have also been finally implemented using [Signal's XEdDSA](https://signal.org/docs/specifications/xeddsa/) protocol (like Dirty Elligator, for now implemented in plain Python in the [covert.elliptic](https://github.com/covert-encryption/covert/tree/main/covert/elliptic) submodule). This enables all types of 25519 keys to be used for both signing and encryption.

Other than cryptography, the GUI has also been largely rewritten, although bugs are still to be expected and will be fixed in shortly upcoming patch releases. The rewrite adds further functionality than before but more importantly makes future development much easier.

CLI has gained a new feature that had been requested by a couple of users: **editing of files** without extracting the plain text in between. This can be useful for keeping notes in an encrypted archive without ever exposing the contents to the hard drive. Use `covert edit` to edit any password-encrypted archive.

Automated testing and coverage CI has been in use for about a month now and we are steadily increasing coverage and making Covert more reliable by thoroughly testing all code.

What's Changed
* Changes for armor_max_size and tty_max_size. by rocketdey in https://github.com/covert-encryption/covert/pull/59
* Minor cleanup of CLI main by covert-encryption in https://github.com/covert-encryption/covert/pull/62
* Dirty Elligator for better hiding of the ephemeral key by covert-encryption in https://github.com/covert-encryption/covert/pull/61
* Improve CLI error messages and testing by covert-encryption in https://github.com/covert-encryption/covert/pull/64
* Support editing archives, keeping encrypted notes by covert-encryption in https://github.com/covert-encryption/covert/pull/65
* Added tests to test_cli by rocketdey in https://github.com/covert-encryption/covert/pull/69
* GUI improvements by covert-encryption in https://github.com/covert-encryption/covert/pull/68


**Full Changelog**: https://github.com/covert-encryption/covert/compare/v0.5.4...v0.6.0

A special THANK YOU

The Monocypher author LoupVaillant reported elligator's dirty secret to us and has been far more than just helpful in getting the issue fixed and the fix thoroughly reviewed, and has given valuable feedback on signatures and other design details as well. We salute you!

It is no small feat that he apparently wrote the first and only implementation of what we have now dubbed the Dirty Elligator 2, using bits and pieces of information that hardly anyone in the world knows, filling in the blanks himself. Yes, the theory of Ed25519 was well known, and the Elligator 2 paper is known by people familiar with cryptography but the devil is in those *dirty* details!

What's Changed
* Upgraded zxcvbn to avoid a crash on startup on Python 3.9.2 (Debian 11)
* Increased precision of random padding calculation by covert-encryption in https://github.com/covert-encryption/covert/pull/58

**Full Changelog**: https://github.com/covert-encryption/covert/compare/v0.5.3...v0.5.4

What's Changed
* Fix signature implementation broken by earlier blockstream refactoring. by covert-encryption in https://github.com/covert-encryption/covert/pull/51
* Additional e2e test on CLI for more coverage by covert-encryption in https://github.com/covert-encryption/covert/pull/52


**Full Changelog**: https://github.com/covert-encryption/covert/compare/v0.5.1...v0.5.3

What's Changed
* Do not print speech bubble on decoded message in GUI by covert-encryption in https://github.com/covert-encryption/covert/pull/46
* Allow mode selecting within combined short arguments. by rocketdey in https://github.com/covert-encryption/covert/pull/45
* Parser for SSH secret keys with support for passwords by covert-encryption in https://github.com/covert-encryption/covert/pull/47
* Adding tests for covert.passphrase by covert-encryption in https://github.com/covert-encryption/covert/pull/48
* Fix benchmark mode and add tests using it by covert-encryption in https://github.com/covert-encryption/covert/pull/50
* Run a full encryption/decryption test cycle over CLI by covert-encryption in https://github.com/covert-encryption/covert/pull/49


**Full Changelog**: https://github.com/covert-encryption/covert/compare/v0.5.0...v0.5.1

Our biggest release so far. A lot of changes, most notably a GUI in addition to CLI version. The file format of 0.5 is incompatible with earlier versions due to various changes made to it. Due to the sheer number of changes we except there to be bugs that should be ironed out in upcoming releases. Please report any issues encountered, so that we can fix them.

What's Changed
* Elligator2 hashing to scramble the ephemeral key header field. by covert-encryption in https://github.com/covert-encryption/covert/pull/24
* New password hashing spec and implementation, and related cleanup. by covert-encryption in https://github.com/covert-encryption/covert/pull/27
* Refactor armor functions to use str and removing any `>` quotes. by covert-encryption in https://github.com/covert-encryption/covert/pull/28
* Implementing graphical user interface by covert-encryption in https://github.com/covert-encryption/covert/pull/23
* Refactor file records as lists to save a few bytes and simplify code. by covert-encryption in https://github.com/covert-encryption/covert/pull/29
* Remove BOMs of input strings by covert-encryption in https://github.com/covert-encryption/covert/pull/30
* Compatibility with legacy Windows terminals by covert-encryption in https://github.com/covert-encryption/covert/pull/31
* Allow combining short CLI arguments by rocketdey in https://github.com/covert-encryption/covert/pull/32
* Better error message when using -r on keyfile by covert-encryption in https://github.com/covert-encryption/covert/pull/34
* Simplified decrypt auth handling (refactoring) by covert-encryption in https://github.com/covert-encryption/covert/pull/36
* Update unit tests with recent API and format changes. by covert-encryption in https://github.com/covert-encryption/covert/pull/40
* Add tox for automated testing, coverage etc. by covert-encryption in https://github.com/covert-encryption/covert/pull/41
* Increase padding on short messages for stronger protection by covert-encryption in https://github.com/covert-encryption/covert/pull/42
* Big refactoring of decryption functions, allowing for easier GUI implementation by covert-encryption in https://github.com/covert-encryption/covert/pull/43

New Contributors
* rocketdey made their first contribution in https://github.com/covert-encryption/covert/pull/32

**Full Changelog**: https://github.com/covert-encryption/covert/compare/v0.4.1...v0.5.0