Forums Community Unhappy with version 2 Reply To: Unhappy with version 2

#5490 Reply

Svante
Keymaster

Hello all,

Lots of good things said, and unfortunately some strong misconceptions about what we do, have and store.

Let’s start, briefly, with the hash issue. Yes, we use SHA-512. No, we don’t hash your password as such with it and store it anywhere. We use SHA-512 for two things – a HMAC, that’s a cryptographically strong checksum that ensures that we can be sure that nothing in the encrypted file has been changed. We also use it for password derivation – this is a process whereby we take a variable length typed password, and produce a fixed length (128 or 256-bit as the need be) value to use for the actual encryption algorithm. It’s essentially just another representation of the typed password, and we never store this anywhere.

What we *do* have on the server, is a private key encrypted with your password using… AxCrypt. Now, what’s the scenario AxCrypt is specifically made for, and actually deemed secure (provided the password is good enough) by all who have examined AxCrypt? It’s the case of an AxCrypt-encrypted file being accessed by an unauthorized individual. So, what can an attacker gain from the server? An AxCrypt-encrypted file, encrypted with your password. That’s exactly what you’re trying to protect in the first place. So either AxCrypt is strong enough to withstand the attack, in which case it doesn’t matter which file the attacker gets hold of – no go. Or, your password is weak, or AxCrypt is, in which case it doesn’t matter which file the attacker gets hold of – your data is not secure. The point being, what we keep on the server is no more sensitive than any other AxCrypt-encrypted file. And they are presumably not sensitive at all.