Reply To: New version of Axcrypt – why 2 passwords now?

#6124 Reply

Svante
Keymaster

Hello skeptical,

George has actually responded correctly, if somewhat strongly perhaps, to your concerns. In this case, since I’m the author of AxCrypt, having designed it all and programmed most of it, I think it might be appropriate with a personal response as well.

First, I’d like to remind everyone here that we’re all friends and let’s keep the tone civil. No need for derogatory terms etc, let’s stick to fact and sometimes opinions without those extra words which bear no extra information.

Here’s the thing about “You must tell Axcrypt what your password is” and “This gives Axcrypt access to your encrypted files”. How else could it possibly be? This is the same for 100% of cryptographic solutions – somewhere there is software that accepts your password, and thus knows it!

I think what you’re really trying to say is “You must send your password to a remote server, which gives the software or operator of that server potential access to your encrypted files – if the operator or software developer has malicious intent. It might give hackers potential access if the operator or software developer is sloppy or incompetent.” This *is* true, but it’s the same regardless of where the software is executing – on your PC or our servers.

Here’s the real difference:

Your PC: A machine with probably literally 100s of installed pieces of software from all kinds of sources, with absolutely no chance for you to be really sure of the quality or intent of said software, and often installed more or less at whim for a moment’s need. A machine which is operated by a human (you, and possibly your family, kids, kids’ friends, spouse, friends, colleagues etc), making decisions of where to click, what to type, what to download, what sites to visit many, many times a day. All of those decisions with the potential of being wrong. One wrong click, site visit or download is enough to compromise your PC. It’s also a machine which is often moved between public and private wireless networks, often left unattended, sometimes even with Windows signed in while you get a coffee or whatever. A machine which is used for countless purposes, work, play, media etc with software installed for all those reasons. All that software with the risk of bugs and security vulnerabilities. A machine typically with lots of ports open to the Internet to make all those functions and file sharing etc work.

Our Server: A machine with the absolute minimum of installed software, with each and every piece carefully vetted before installation. A machine with no extra functions except what it needs to do. No play. No games. No media. Not even a database – we rolled our own no-sql to 100% remove the risk of SQL-injection attacks. It never moves. We never use a browser. It has a total of 3 ports open to the Internet: HTTP, HTTPS and SSH. It is operated by a single dedicated professional, with a single purpose – and quite infrequently at that.

Now, which environment do you honestly believe to be the most safe, secure and trustworthy?

Remember – if you’re using ours (or anyone else’s cryptographic application) you’re going to be executing that code. So you have to trust the code. You’re giving the code not only your password, but literally every byte of confidential information you encrypt or decrypt will go through that software.

Since you must trust the code in order to use it – given the above, just what environment is really the greatest risk to run that code in?

If security is only as strong as its weakest link – where’s the weak link here?

For a technical description of what we do, and what we actually store on the server, please check out https://www.axcrypt.net/documentation/technical/ . For the full source code of the core libraries and the Windows application, go to https://www.bitbucket.org/axantum/axcrypt-net/ .

To summarize what we keep on the server: A file encrypted with AxCrypt using your password.

What scenario is AxCrypt designed to protect you in: A file encrypted with AxCrypt using your password being accessed by the wrong person.

In other words, should data leak from our server, it’s actually just an application of the exact scenario AxCrypt is intended to handle in the first place. If your password is good enough, no harm is actually done.