Hello Captain Quirk, FormerAxCrypter, Wellington, Gerard, Robert M and everyone else!
Wow – I’m impressed at the high level of both questions and responses from the community. The AxCrypt community is amazing! Stuff like this, that makes it worthwhile…
For what it’s worth, while I cannot disclose the names or publish the reports, AxCrypt has been professionally audited by both private and government entities. I realize the value of that statement is pretty low, considering I can’t name anyone, but still. Better than nothing, right?
As for myself, I don’t consider myself a cryptographer per se. I do not, and never have, made my living as a cryptographer. That being said, I have made my living for many years, working with properly implementing cryptography both as a developer and at a higher level with cryptography-based products. As such, I feel that I am uniquely qualified to *implement* cryptography and design software based on cryptographic functions as a developer, which unfortunately too often is not the case. As we have seen time after time in both small products as well as enterprise products from major software manufacturers.
I would like note that while AxCrypt is not as wide spread as for example WinZip, it’s still pretty well known and used. It’s been downloaded an estimated 20 million times, and it’s been open source all that time with published specifications of the technology. During this time, not one single cryptography related weakness or vulnerability has been published. That doesn’t mean there aren’t any, but it does increase my confidence in that it’s pretty sound anyway.
I guess this as good place and time as any to point to the appropriate resources should anyone wish to take a look:
https://bitbucket.org/axantum/axcrypt-net/ – The source code for AxCrypt 2 in C#. A few nuget dependencies, otherwise it compiles cleanly as-is with Visual Studio Community.
https://www.axcrypt.net/documentation/technical/ – Technical information about file format, algorithms, implementation details and server interaction.
Thanks everyone, and keep it up!