Tird

Encrypt files & Hide encrypted data

<h4> 🏠&nbsp;<a href="https://github.com/hakavlad/tird">Home</a>&nbsp;&nbsp;&nbsp; 📑&nbsp;<a href="https://github.com/hakavlad/tird/blob/main/docs/SPECIFICATION.md">Specification</a>&nbsp;&nbsp;&nbsp; 📜&nbsp;<a href="https://github.com/hakavlad/tird/blob/main/docs/MANPAGE.md">man&nbsp;page</a>&nbsp;&nbsp;&nbsp; 📄&nbsp;<a href="https://github.com/hakavlad/tird/blob/main/docs/input_options/README.md">Input&nbsp;Options</a>&nbsp;&nbsp;&nbsp; 📖&nbsp;<a href="https://github.com/hakavlad/tird/blob/main/docs/tutorial/README.md">Tutorial</a>&nbsp;&nbsp;&nbsp; ❓&nbsp;<a href="https://github.com/hakavlad/tird/blob/main/docs/FAQ.md">FAQ</a>&nbsp;&nbsp;&nbsp; 📥&nbsp;<a href="https://github.com/hakavlad/tird/blob/main/docs/INSTALLATION.md">Install</a> </h4>

tird

tird /tɪrd/ (an acronym for "this is random data") is a file encryption tool that minimizes metadata and hides encrypted data.

With tird, you can:

  1. Create files filled with random data to use as containers or keyfiles.
  2. Overwrite the contents of block devices and regular files with random data to prepare containers or destroy residual data.
  3. Encrypt file contents and comments with keyfiles and passphrases. The encrypted data format (cryptoblob) is a padded uniform random blob (PURB): it looks like random data and has a randomized size. This reduces metadata leakage from file format and length and allows cryptoblobs to be hidden among random data.
  4. Create steganographic (hidden, undetectable) user-driven filesystems inside container files and block devices. Unlike VeraCrypt and Shufflecake, tird containers do not contain headers; the user specifies the data locations inside the container and is responsible for keeping those locations separate. Any random-looking region of a file or block device may be used as a container.
  5. Prevent fast access to decrypted data using time-lock encryption.

tird offers built-in plausible deniability, even when encrypted files are stored outside containers. It also helps resist coercive key-disclosure attacks (rubber-hose cryptanalysis, xkcd 538).

[!WARNING] Before using tird, please read the "Warnings" section. Security depends not only on the tool but on your actions: secure key storage, operating in a safe environment, and avoiding debug mode with real data.

🔜 Format stabilization and a formal specification are planned for v1.0.0.

Goals

  • 🛡️ File protection: Ensure protection of individual files, including:
    • Authenticated symmetric encryption.
    • Minimizing metadata leakage.
    • Resisting coercive attacks.
  • Stable format: Ensure a stable encrypted-data format with no cryptographic agility for long-term storage.
  • Simplicity: Ensure simplicity and avoid feature creep; refuse to implement features not directly related to the primary security goals.

Features

  • [x] PURB-format encrypted blobs: randomized size and uniformly random contents; metadata-limited (only total size leaks — no headers, types, or plaintext hints).
  • [x] Padded and encrypted comments: no plaintext hints about content.
  • [x] Hidden data embedding (optional): conceal cryptoblobs inside random/encrypted containers for plausible deniability.
  • [x] Time-lock encryption (optional): slow offline PoW-based key derivation to delay decryption (anti-coercion).
  • [x] Robust authenticated encryption: fully committing, quantum-safe ChaCha20-BLAKE2b AEAD.
  • [x] Strong key stretching: Argon2id (libsodium "sensitive" profile) — 1 GiB memory, 1 lane, 4 passes (default and minimum).
  • [x] Arbitrary key material: derive keys from passphrases, files, block devices, or directories — order does not matter.
  • [x] Prompt-based CLI: intuitive and interactive, no flags to memorize.
  • [ ] [TODO] Stable, documented format: planned for long-term archival and interoperability.

Usage

You don't need to memorize command-line options to use tird. This tool features a prompt-based CLI: simply start it, select a menu option, and answer the questions that will follow.

$ tird

                       MENU
    ———————————————————————————————————————————
    0. Exit              1. Info & Warnings
    2. Encrypt           3. Decrypt
    4. Embed             5. Extract
    6. Encrypt & Embed   7. Extract & Decrypt
    8. Create w/ Random  9. Overwrite w/ Random
    ———————————————————————————————————————————
A0. SELECT AN OPTION [0-9]:

Input Options

There are 4 groups of input options: A (Action), D (Data), K (Keys), P (Proceed). They are numbered for ease of description.

+——————————————————————+————————————————————————+
| A0. SELECT AN OPTION | A. Select an action    |
+——————————————————————+————————————————————————+
| D1. INPUT FILE PATH  |                        |
| D2. COMMENTS         | D. Enter data,         |
| D3. OUTPUT FILE PATH |    data location,      |
| D4. OUTPUT FILE SIZE |    data size           |
| D5. START POSITION   |                        |
| D6. END POSITION     |                        |
+——————————————————————+————————————————————————+
| K1. KEYFILE PATH     | K. Enter values        |
| K2. PASSPHRASE       |    related to          |
| K3. TIME COST        |    key derivation      |
+——————————————————————+————————————————————————+
| P0. PROCEED?         | P. Confirm to continue |
+——————————————————————+————————————————————————+

A detailed description of these options with examples can be found in the Input Options document: https://github.com/hakavlad/tird/blob/main/docs/input_options/README.md

Payload

The payload that will be encrypted during cryptoblob creation consists of:

  • Contents of one file (optional): A regular file or a block device (entire disk/partition). If omitted, an empty file payload is encrypted.
  • Comments (optional): Arbitrary UTF‑8 string, up to 1 KiB. By default, the input file name is used. Decrypted comments are shown upon decryption.

Specifying the payload in the UI looks as follows:

D1. FILE TO ENCRYPT (OPT): files.zip
    I: path: 'files.zip'; size: 2,824,230,648 B (2.6 GiB)
D2. COMMENTS (DEFAULT='files.zip'): The X-Files, zip (секретные материалы)
    I: comments will be shown as ['The X-Files, zip (секретные материалы)']

Input Keying Material

tird provides the option to use the contents of keyfiles and a passphrase to derive one-time keys.

  • Keyfiles (optional): Zero, one, or multiple keyfile paths; order of inputs does not matter. A keyfile path may be:
    • A regular file. The contents of the keyfile will be hashed, and its digest will be used for further key stretching and key derivation.
    • A block device. Handled the same as a regular keyfile: contents will be hashed.
    • A directory. All files within the directory will be hashed and used as keyfiles.
  • Passphrase (optional): Up to 2048 bytes after Unicode normalization (form C); may be omitted.

Specifying IKM in the UI looks as follows:

K1. KEYFILE PATH (OPT): key 
    I: path: 'key'; size: 32 B
    I: reading and hashing contents of 'key'
    I: keyfile accepted
K1. KEYFILE PATH (OPT): 
K2. PASSPHRASE (OPT): 
K2. CONFIRM PASSPHRASE: 
    I: passphrase accepted
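
One way to collect keying material so that input order cannot matter, shown as an added Python example (not tird's own code; the exact construction is specified in the project's Specification). Assumptions: BLAKE2b-512 per input, the `person` tags, and sorting the digests before a final hash are choices made for this sketch; only the 2048-byte limit and NFC normalization come from the text above.

```python
import hashlib
import tempfile
import unicodedata
from pathlib import Path

MAX_PASSPHRASE_BYTES = 2048  # limit stated in the README

def hash_keyfile(path: Path) -> bytes:
    # Stream the contents so large files and block devices are not loaded at once.
    h = hashlib.blake2b(person=b"example-keyfile")  # hypothetical domain tag
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.digest()

def keyfile_digests(path: Path) -> list[bytes]:
    # A directory contributes every regular file below it, each as its own keyfile.
    if path.is_dir():
        return [hash_keyfile(p) for p in path.rglob("*") if p.is_file()]
    return [hash_keyfile(path)]

def passphrase_digest(passphrase: str) -> bytes:
    # NFC first: visually identical passphrases must not produce different keys.
    data = unicodedata.normalize("NFC", passphrase).encode("utf-8")
    if len(data) > MAX_PASSPHRASE_BYTES:
        raise ValueError("passphrase longer than 2048 bytes after normalization")
    return hashlib.blake2b(data, person=b"example-pass").digest()

def combine_ikm(keyfiles: list[Path], passphrase: "str | None" = None) -> bytes:
    # Sorting fixed-size digests before the final hash removes any order dependence.
    digests = [d for kf in keyfiles for d in keyfile_digests(kf)]
    if passphrase is not None:
        digests.append(passphrase_digest(passphrase))
    # The result would then feed a key-stretching step such as Argon2id.
    return hashlib.blake2b(b"".join(sorted(digests)), person=b"example-ikm").digest()

def demo() -> dict[str, bool]:
    # Constructed inputs: two tiny keyfiles and one passphrase in two Unicode forms.
    with tempfile.TemporaryDirectory() as tmp:
        a, b = Path(tmp, "a.key"), Path(tmp, "b.key")
        a.write_bytes(b"constructed keyfile A")
        b.write_bytes(b"constructed keyfile B")
        nfc, nfd = "caf\u00e9", "cafe\u0301"  # same text, different code points
        return {
            "order_independent": combine_ikm([a, b], nfc) == combine_ikm([b, a], nfc),
            "nfc_stable": combine_ikm([a], nfc) == combine_ikm([a], nfd),
            "dir_equals_files": combine_ikm([Path(tmp)]) == combine_ikm([b, a]),
        }
```

Because every input is reduced to a fixed-size digest before sorting, a keyfile cannot be split or merged to collide with a different set of inputs, and the separate tag for the passphrase keeps a keyfile with the same bytes from standing in for it.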

Encrypted Data Format

  • PURB format:
    • Data that looks random and contains no identifiable headers; it cannot be distinguished from random data without the corresponding keys. This property allows cryptoblobs to be hidden among other random data.
    • Randomized size: padding length is chosen uniformly between 0% and 25% of the unpadded cryptoblob size (equivalently, up to 20% of the final cryptoblob size).
  • Comments are padded (or truncated) to a fixed size of 1 KiB before encryption, fully concealing their original length.
  • Bilaterally applied salts: overwriting the beginning or the end of the cryptoblob (or storing an incomplete cryptoblob) makes successful decryption impossible.
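
What the randomized size does and does not hide, as an added Python model (not tird's code): it samples a padding length in the stated 0-25% range and computes what an observer who sees only the final size can infer. Assumptions: the maximum padding is rounded down to whole bytes, and `secrets` stands in for however the tool actually derives the padding length.

```python
import secrets

PAD_DIVISOR = 4  # README: padding is at most 25% (1/4) of the unpadded size

def max_padding(unpadded: int) -> int:
    # Assumption for this model: the upper bound is rounded down to whole bytes.
    return unpadded // PAD_DIVISOR

def padded_size(unpadded: int) -> int:
    # Padding length chosen uniformly from [0, max_padding] with a CSPRNG.
    return unpadded + secrets.randbelow(max_padding(unpadded) + 1)

def unpadded_bounds(observed: int) -> tuple[int, int]:
    # An observer sees only the final size f. The unpadded size u satisfies
    # u <= f and u + u // 4 >= f, which is equivalent to u >= ceil(4 * f / 5).
    # That lower bound is the "up to 20% of the final size" in the text above.
    return -(-4 * observed // 5), observed

def size_overlap(u1: int, u2: int) -> range:
    # Final sizes that both unpadded sizes can produce. An empty range means
    # the two blobs can always be told apart by size alone.
    lo = max(u1, u2)
    hi = min(u1 + max_padding(u1), u2 + max_padding(u2))
    return range(lo, hi + 1)

if __name__ == "__main__":
    u = 1_000_000  # constructed unpadded size, in bytes
    f = padded_size(u)
    print("final size:", f, "-> unpadded size lies in", unpadded_bounds(f))
    print("1000 B vs 1200 B share", len(size_overlap(1000, 1200)), "final sizes")
    print("1000 B vs 2000 B share", len(size_overlap(1000, 2000)), "final sizes")
```

The last two lines show the practical limit: padding blurs size only within a factor of 1.25, so blobs whose unpadded sizes differ by more than that never share a final size.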

Cryptoblob scheme:

+————————————————————————————————————————————————————————+
| CSPRNG output:                                         |
|     Salt for key stretching used with Argon2 (16 B)    |
+————————————————————————————————————————————————————————+
| ChaCha20 output:                                       |
|     Encrypted pad_ikm (8 B)                            |
+————————————————————————————————————————————————————————+
| CSPRNG/BLAKE2 output:                                  |
|     Randomized padding (0-25% of the unpadded size)    |
|     + MAC tag (32 B)                                   |
+————————————————————————————————————————————————————————+
| ChaCha20/BLAKE2 output:                                |
|     Encrypted payload file contents + MAC tags (0+ B)  |
+————————————————————————————————————————————————————————+
| ChaCha20/BLAKE2 output:                                |
|     Encrypted padded comments (1 KiB) + MAC tag (32 B) |
+————————————————————————————————————————————————————————+
| CSPRNG output
