Forums Help & support GUID Mismatch Reply To: GUID Mismatch

#10912 Reply

Svante
Spectator

Hello Val,

The mention of “GUID mismatch” makes me think that you are using the old AxCrypt 1.x. This software has been deprecated since several years, and is no longer supported nor actively maintained.

In AxCrypt 1.x this could sometimes happen when the encryped file resides on a removable or remote media, and the connection is lost or the removable media is forcably removed without using the Windows “Safe Remove” feature. This in turn could happen because of an in retrospect unfortunate design decision.

AxCrypt includes a keyed HMAC to ensure the integrity of the encrypted file, i.e. that it cannot be modified without detection. In the AxCrypt 1.x file format, this HMAC was placed in the headers, at the start of the file. But, since it requires encryption of the entire file to be calculated, this design required AxCrypt 1.x to “rewind” the file and rewrite the headers at the start of the file. This was done by keeping all the headers in memory, and just leaving space for them at the start before rewinding at the end and writing all headers.

Windows caches writes in memory. So what could happen was that windows was behind, still writing at the end of the file, with the rewind and header writes queued to be written and then the user removed the USB stick. This would cause the file to be incompletely written at the end – and even worse, no headers at all to be written. This is one of the causes for the “GUID mismatch” error. Please note – there’s really nothing a software can do to prevent the premature removal of a USB drive, or disconnect of a network drive!

One of the improvements made in AxCrypt 2.x format is that we never rewind the file, instead the HMAC is written at the end of the file, along with a redundant copy of all the headers written at the start. This significantly reduces the risk of a complete failure to decrypt even a partially written file. Of course, if all data is not written, we can’t decrypt all data because it’s simply not there. But we can decrypt and recover what was written. That’s an improvement.

All this being said, the most common reason for “GUID mismatch” is that users rename non-AxCrypt files to end with “.axx”.

In summary – this is why one should not use deprecated, unsupported, unmaintained software!