Reply To: AxCrypt 2 makes me sad…

#6549 Reply

Stephen

Great, got that.

So the file was created in BCArchive version 2.07.0.1 and you used the following parameters:

Algorithm: Rijndael [AES] 256-Bits
Hash: SHA-512
Iterations: 65536

Your password is:

8x\{HQ6]ul+00:-\n’u&WTK>(Vw0Pfo$”A6;F8k59~a4<W?p

That’s a really secure password and it took my cracking software 3 minutes to recover that.

The setup looks really good on paper – AES-256, SHA-512, 65536 spins – but there’s a problem with the S-Box implementation [*] which meant that instead of taking billions of years to crack, it took 3 minutes.

[*] If you don’t understand that then don’t worry!

You can tweak your setup if you want to make the output more secure but that’s assuming you’re familiar with cryptographic primitives and you’re prepared to put in a bit of leg-work.

I think it’s incredibly risky allowing people to set their own encryption variables [or even using the BCArchive default configuration] because it’s too easy to make mistakes which makes encrypting your files a waste of time.

In contrast, to crack your file in AxCrypt with that password would take 5.809949192078004e+77 years. I’m going through the AxCrypt source code line by line and debugging it but so far it’s standing up to scrutiny – even at 5,000 spins instead of 65,536 [BCArchive].