Forums Community AxCrypt 2 makes me sad…

This topic contains 59 replies, has 2 voices, and was last updated by  Jack C. 11 months, 2 weeks ago.

Viewing 15 posts - 16 through 30 (of 60 total)
  • Author
    Posts
  • #6545 Reply

    Ashly

    You can see how popular the software is by taking a look at their fourm. One comment in over two years and over comments dating back to 2008. Super secure. 😂

    #6546 Reply

    Brian

    I’ve only just seen their official forums… hosted on a third party website.

    In all fairness to the company BCArchive is only a marketing tool for their more secure commercial encryption products.

    #6547 Reply

    Stephen

    Could anybody send me a BCArchive file with something non-sensitive please?

    My company specialise in cryptographic products and I wrote a cracking tool for this product a while back.

    Cheers

    #6548 Reply

    Ashly

    https://www.sendspace.com/file/mggost

    It’s called Test.txt.bca and is good for one download only.

    #6549 Reply

    Stephen

    Great, got that.

    So the file was created in BCArchive version 2.07.0.1 and you used the following parameters:

    Algorithm: Rijndael [AES] 256-Bits
    Hash: SHA-512
    Iterations: 65536

    Your password is:

    8x\{HQ6]ul+00:-\n’u&WTK>(Vw0Pfo$”A6;F8k59~a4<W?p

    That’s a really secure password and it took my cracking software 3 minutes to recover that.

    The setup looks really good on paper – AES-256, SHA-512, 65536 spins – but there’s a problem with S-Box implementation [*] which meant that instead of taking billions of years to crack, it took 3 minutes.

    [*] If you don’t understand that then don’t worry!

    You can tweak your setup if you want to make the output more secure but that’s assuming you’re familiar with cryptographic primitives and you’re prepared to put in a bit of leg-work.

    I think it’s incredibly risky allowing people to set their own encryption variables [or even using the BCArchive default configuration] because it’s too easy to make mistakes which makes encrypting your files a waste of time.

    On contrast to crack your file in AxCrypt with that password would take 5.809949192078004e+77 years. I’m going through the AxCrypt source code line by line and debugging it but so far it’s standing up to scrutiny – even at 5,000 spins instead of 65,536 [BCArchive].

    #6550 Reply

    Ashly

    Your password is:

    8x\{HQ6]ul+00:-\n’u&WTK>(Vw0Pfo$”A6;F8k59~a4<W?p

    Wow. Just wow.

    Do Jetico know how insecure BCArchive is Stephen?

    #6551 Reply

    Stephen

    It’s unfair to call it insecure because you don’t know that. Your file was insecure as a result of your bad choices in how the cryptography is used by the software. I’m not blaming you for those bad choices because you don’t understand how each algorithm interacts with the different configurations. You probably thought you were making a good choice by choosing AES. Normally this would be an fabulous choice.

    I’ve not read the whole topic but Brian seems to have briefly discussed the fact that BCArchive is intended for experts and I agree with him on that. If used by an expert it should be fine but in the hands of a normal user it’s dangerous because it doesn’t stop you making stupid encryption choices.

    #6552 Reply

    Anonymous

    Experts don’t recommend it and there’s a good reason why

    Actually that’s an incredible amount of bullshit. No security expert – read that NONE – will support using the same password across different levels of security. The same principle applies to websites the fact remains different levels and different types of security with the same password are functionally worthless. The only “experts” who don’t recommend multiple passwords for different layers of security are fools, most likely fools who are operating on the assumption users are forgetful and lazy. No security expert would say “Use the same password for windows, for your password manager, for websites, for every file, etc.”, once a password is compromised they’ll have access to everything that constitutes your online presence. You also failed to state this “Good reason why” that isn’t tied to forgetting or getting lazy.

    • I’m using multiple pieces of software (more risk of critical bugs: malicious or otherwise)

    Yes, there’s something to be said about increasing your attack service, I wonder though what OS do you use? If you’re using Windows you likely have a wide number of services you don’t need enabled. Remote Registry? SMB v1.0? Don’t act as though you’re super concerned about your attack surface.

    • More chance of making a mistake and completely compromising my security

    Again, maybe you’re incompetent but I am not.

    • Using proprietary encryption methods designed to look secure, but aren’t proven

    Open Source doesn’t equate to security, all of my most critical files (including my system backups) are stored within VeraCrypt encrypted volumes. VeraCrypt has been audited and is a fork of TrueCrypt which was also audited, has AxCrypt been audited? I suspect not. It comes down to trust, I don’t trust that BCArchive will keep my files safe from the government then again I’d never trust AxCrypt with that either. I do however believe that it will keep personal files secret from the kinds of people who modify and redistribute existing malware.

    • Having to keep a record of multiple encryption passwords

    I’m not an Alzheimer patient I do just fine in regards to keep my passwords, I use KeePass should I forget them but I rarely have to do so.

    • Moving data in and out of the VM/sandboxed process

    Arguing against Sandboxing\Virtualization now? Suppose google shouldn’t bother sandboxing websites either.

    I use Sandboxie and VirtualBox, both of which are well known software.

    I’m not concerned about the one password methodology because I know that if a hacker can get into my system to steal that one password then he’d be able to get at all of my information anyway.

    The obvious question stands then: What does AxCrypt protect you from?

    Any piece of malware – ANY – can steal your AxCrypt encrypted files because AxCrypt stores your key in memory and decrypts the files without prompt. The ONLY way AxCrypt offers ANY protection is if you manually sign out.

    If you’re going to use AxCrypt you’re better of using Bitlocker with a good windows password, because AxCrypt doesn’t protect you in any way from invasive malware that reads your files. Any file – whether an unencrypted cached version exists or not – is vulnerable.
    AxCrypt v2 does nothing, it protects you from nothing, anyone with a method of FDE encryption already has the full protection of AxCrypt. The only advantage AxCrypt provides is a far simpler method of key-sharing.

    I’m desperately curious what your answer to the question “What does AxCrypt v2 protect you from?” is.

    As a closing note Windows tracks all keyboard input (including passwords) and sends it back to Microsoft even if you’ve got telemetry turned off.

    I certainly hope you have a citation for that, I monitor my own traffic and I’ve never seen anything of the sort. Then again I’m running a customized version of windows with various components (i.e. Everything to do with Cortana, Metro, & xbox) removed.

    It’s like I said before – you’re never safe you’re only seeking to make the cost of attack less worthwhile. It’s all a matter of what you’re protecting and from who and how far you’ll go to protect it. At some point down the line you’re going to have to trust someone.

    #6553 Reply

    Anonymous

    On contrast to crack your file in AxCrypt with that password would take 5.809949192078004e+77 years

    There is no need to crack your AxCrypt password it’s stored in memory at all times and will readily decrypt on-demand without prompt.

    AxCrypt v2 does nothing that Bitlocker and a Good Windows Password doesn’t already do.

    Again, AxCrypt has NOT been audited and should therefore be regarded as potentially insecure as the most insecure program. If you’re using AxCrypt v2 to protect files from the government then you’re using AxCrypt v2 wrong.

    Using AxCrypt v2 – without manually signing out after using your files – is the same as simply writing a password.txt file on your hard drive.

    #6554 Reply

    Hjalmar

    There is no need to crack your AxCrypt password it’s stored in memory at all times and will readily decrypt on-demand without prompt. AxCrypt v2 does nothing that Bitlocker and a Good Windows Password doesn’t already do. Again, AxCrypt has NOT been audited and should therefore be regarded as potentially insecure as the most insecure program.

    You must be misunderstanding what AxCrypt is for. It goes without saying that AxCrypt will readily decrypt on-demand as that’s what it’s designed for! If you are worried about a criminal hacking your computer then not even BitLocker can protect you. All BitLocker data is decrypted at boot and a hacker need decrypt nothing.

    AxCrypt is designed to keep your files safe when sent via email or uploaded into the public cloud. Some people even use AxCrypt to send confidential information in the physical post. If you encrypt your files with AxCrypt before uploading to Dropbox then you keep your files safe from rogue Dropbox employees or hackers who break into your Dropbox account.

    BitLocker or equivalent is essential if your computer is stolen. It stops the data being retrieved by a criminal but only when the system is powered down. If the system is powered up or in sleep mode  then the BitLocker keys can be extracted from RAM, just like AxCrypt keys can. There is no difference between the two technologies in that regard.

    • BitLocker is for hard drive or container encryption (and only available for Pro/Education/Enterprise users)
    • AxCrypt is for file encryption (and available for everybody and anybody)

    About AxCrypt being audited – you might want to check your misinformation with the Swedish police and a couple of other government agencies who use AxCrypt. The source is on Bitbucket for all to see and anybody technically inclined can audit the source themselves.

    Stephen – can I ask a question please? I think from your writing that we have spoken before. Does your TLA  company supply the cracking software on demand or is it payments via BTC for individual files?

    #6555 Reply

    Stephen

    Anonymous, I think Brian was probably referring to this but there are plenty of other examples and research proving that Windows intentionally disrespects your privacy no matter how much you lock down your system. Even firewalling your connection doesn’t prevent keystrokes being sent to Redmond. The telemetry is encrypted so monitoring your traffic will regrettably not assist you in this because of how the traffic is sent. The privacy interference is so bad that China have been supplied with a special copy of Microsoft Windows.

    I’ve seen people using various third-party tools in the false belief these keep them safe but they only minimise the amount of data sent and keystrokes are sent. Microsoft use various terms/names to conceal the fact that they’re doing this. Those within the security community regard Windows as a privacy threat. Some go so far as calling it malware.

    VeraCrypt is a good choice for containers but again you have the problem of keystroke logging of your password.

    Your Windows UAC password can be stolen by visiting a specially crafted website thus if you visit a malicious page then the web host will get your password because of an unfixed vulnerability which Microsoft don’t consider to be a vulnerability despite it being misused. The standard BitLocker deployment uses the same password as it does for logon so it’s a critical security flaw.

    OpenBSD is the only OS that will provide you with a good level of security and only then if you use trusted hardware and a smartcard to store your password.

    Hjalmar makes a good point – cloud transfers. BCArchive files can be cracked rapidly but AxCrypt files can’t. Therefore unless the endpoint is hacked (and then any software can be compromised) the only way to break an AxCrypt file is in billions of years. To break a BCArchive file is a matter of minutes.

    Stephen – can I ask a question please? I think from your writing that we have spoken before.

    We have. Contact me using your Tox please.

    #6556 Reply

    Svante
    Keymaster

    Hi all again!

    Interesting discussion, I’m enjoying it mostly, but do try to direct comments to the subject matter and not to the persons. We want these forums to be a nice place, and I certainly want there to be criticism – but on the technology, not the participants.

    Although many users use AxCrypt for local device file encryption, as has been mentioned, there are many potential problems with that. AxCrypt was developed and intended for the scenario when files actually leave your physical device. For local device encryption, I primarily recommend full drive or volume encryption, such as BitLocker, VeraCrypt etc. It’s still useful for local file encryption in many scenarios, but it’s not the primary target use case.

    AxCrypt 1 and 2 *has* been audited, several times, by entities competent in the field. Unfortunately, none of these reports are public, so you’ll just have to trust me on that ;-) Even better: Trust, but verify. I’d be more than happy if someone will find funding and organize a similar public audit as was done for TrueCrypt / VeraCrypt. For obvious reasons, even if I had the funds, I cannot do that myself.

    The more effort that is spent in analyzing AxCrypt, the better it becomes. I am not at all afraid that some weakness might be found, since if they are there – we *really* want to know about it so we can *fix* it. In fact Stephen did find a problem, not in the actual algorithms or implementation of the cryptography, but in the dynamic calculation of the number of rounds to run the key wrap used to secure the session key (each file is encrypted using a unique key, your password or public key is used to encrypt that session key), causing it to hit the minimum (but still decent) 5000 rounds more often than it should. This is already fixed, and will be released later this week.

    The sooner we become aware of a flaw, the sooner we can fix it. If it had been an issue on the level of the apparent level of the BCArchive implementation bug seemingly exploited by Stephen, we would have released a fix within 24 hours if at all possible – and we have a mechanism already builtin where we can alert all users with online access very strongly about the need to update. Actually we have a “reliability” warning we can trigger, and a separate “security” warning too.

    #6557 Reply

    Ben Langton

    Svante,

    I would like to apologize for the tone of my initial post.  I meant for it to come across as slightly tongue-in-cheek, but in re-reading it, I can see that it did not.

    First, thank you for creating AxCrypt 1.  It is a very useful utility.  I’m sure that AxCrypt 2 is also useful, but it was not what I was looking for, and not what I thought it would be.  That, really, is the point I was trying to make; it seems like a totally different paradigm than the lightweight, very simple operation of AxCrypt 1.

    I highly recommend having some sort of document, posted prominently on your website, to help transition users of AxCrypt 1 to AxCrypt 2 (or, to explain to them why they will not want to upgrade).  Updating software regularly (especially security-related software) is common practice, these days, but in this case, it sounds like a contingent of your users will want to stay on AxCrypt 1.

    Best Regards.

    #6558 Reply

    Svante
    Keymaster

    Thanks Ben!

    Yes, a really nice guide to how to upgrade, why to upgrade – and why not would probably be useful. We’ll see what we can manage.

    #6559 Reply

    RaymondLC92

    Ah I hadn’t thought of cloud transfers, that’s not something I engage in often and when I do I usually need compression. In such cases I usually use an encrypted archive (i.e. 7zip).

    It seems AxCrypt v1 and AxCrypt v2 are designed for different use cases.

    You must be misunderstanding what AxCrypt is for. It goes without saying that AxCrypt will readily decrypt on-demand as that’s what it’s designed for! If you are worried about a criminal hacking your computer then not even BitLocker can protect you. All BitLocker data is decrypted at boot and a hacker need decrypt nothing.

    I used AxCrypt to protect me from this very fact, in AxCrypt v1 files could not be decrypted without your password (unless you told it to store the password). I can see AxCrypt being very useful for encryption of files uploaded to DropBox, OneDrive, etc.

    Bitlocker (or other FDE) is like locking down a building at night but AxCrypt was like locking my office door behind me and only unlocking it when I needed it open.

    GPG4Win is supposed to be adding symmetric encryption to their UI with version 3.0 which should fill this gap nicely. In the meantime it seems one could use the command line to encrypt the files and use the UI to access them.

Viewing 15 posts - 16 through 30 (of 60 total)
Reply To: AxCrypt 2 makes me sad…
Your information: