Forums Help & support Purchase without online account Reply To: Purchase without online account

#12125 Reply

Svante
Keymaster

Hello Dave,

To add to what Raja said, which perhaps did not answer your question fully:

At this time, you should probably not be using AxCrypt if you don’t trust our implementation that actually does transmit the password to the server. We are considering using a challenge-response type of sign in mechanism that avoids this – but the problem is…

It’s really all about the trust you put in us. While the theoretical model is certainly “more secure” when the actual password is not transmitted, the practical implications are such that many users will lose the ease of use that AxCrypt has.

Remember that you will be using the password locally – and that’s really the weak part of the chain… Your device is likely used for general purpose browsing and working, including downloading and running softwares from the Internet (such as AxCrypt).

Our server, which you under no circumstances want to send the password to, is a locked down server running only essential software, and with very limited capabilities. We never store the password in reversible form. The additional attack vectors created by this architecture are (simplified):

1 – The transmission over SSL. If that is compromised, you and we all have bigger problems…

2 – Bugs/malicious code in our code. You already trust us by definition by running our code locally.

3 – External attacks targeting our operating environment. Definitively possible, but to actually retrieve a password transmitted requires the attacker to be able to inject arbitrary code in our application environment – without breaking our app. Possible, yes. Likely, no. Requires skill and resources beyond a private enterprise, if successful even then. A government may do so by simply forcing physical access to our server, but even that is unlikely to go unnoticed. It would require a major operation, and we’re somewhat if by no means fully protected by having all our servers physically in Sweden. We do not use cloud servers, or shared servers. Only servers physically owned and operated by us, but located in secure data centers.

AxCrypt is intended to achieve a high level of protection against malicious, private and commercial, attackers. However, governments have other ways to get what they want – and if you’re doing things that are illegal, we’re not your tool. In fact, the terms of use state that you are not allowed AxCrypt for illegal purposes. That being said – a normal criminal investigation will be stumped by AxCrypt encryption. A security or intelligence organization of a major world power, have as mentioned other cheaper and simpler ways at its disposal. Google rubber-hose cryptanalysis for example…