This section describes in detail just what AxCrypt, what it does, and how it does it. It is mostly for technical experts, who have a good grasp on software development as well as cryptography. Information here is intended to be complete enough to build AxCrypt-compatible software for example.
It is a work very much in progress, and right now the main resource are documents detailing the format of AxCrypt files.
AxCrypt Version 2 Algorithms and File Format (PDF)Download AxCrypt Version 2 Algorithms and File Format
AxCrypt Version 1 Algorithms and File Format (PDF)Download AxCrypt Version 1 Algorithms and File Format
The complete source code for the core libraries and the Windows client are found at https://bitbucket.org/axantum/axcrypt-net .
What is stored on the Server?
When an account is created, we store some basic information.
- The email address of the account.
- The sign in status, number of failed sign in attempts, last time of sign in etc.
- The payment status.
- A RSA-4096 public key that is available for others to download in order to perform file key sharing.
- One or more RSA-4096 private keys, encrypted using AxCrypt and the sign in password, so we can keep it synchronized across devices, and as a backup should a device be lost or destroyed.
If the password manager is used, we also store an AES-256 XML-encrypted file with the password records, encrypted with the sign in password.
Apart from the above, we perform some logging that helps us monitor the infrastructure, and improve our support capabilities. This is detailed at https://www.axcrypt.net/documentation/privacy-policy/ .