Reply To: Unhappy with version 2

[Igor]

Hi Joseph,

You say you that cryptography is one of “your strong points” yet you’ve got a number of misunderstandings.

AxCrypt 2 can be used without an email address as long as the input follows the correct syntax, e.g. user@gmail.com

The software can also be used in ‘permanently offline’ mode which simulates loss of network, unavailable servers, company closure etc.

Therefore it’s fundamentally wrong to suggest that if the “website is down” that you can’t decrypt your files.

Your other misunderstanding is that ACrypt isn’t open source. If you’d taken even a cursory look at the website you’d find it is and the source code is here.

It is generally unwise to use software that isn’t being developed, like v1, but there have been no recent developments in AES exhaustive key search attacks. If you’re aware of new “brute-force” methods then please share them with the academic community at large.

Anybody who knows anything about cryptography or engineering or physics or mathematics or computing will tell you that cracking AES-128 takes more than the power in the universe.

However as AxCrypt 2 is open source, under current development, offers a fully functional standard version and can decrypt your files whilst offline you should have no objection to updating.

Auditing cryptography is best left to the experts as it’s extremely difficult and one small mistake can be fatal. However if you still feel that you’re qualified to audit other people’s work then perhaps you’d like to fork AxCrypt v1 yourself for the benefit of the community?

I am a user, not a representative of AxCrypt, and I’m an academic specialising in cryptography.