Forums Community Encryption Security With Version 1.7.3201.0 vs Version 2.x

This topic contains 10 replies, has 3 voices, and was last updated by  Martin S 1 week ago.

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • #13277 Reply

    Steve

    I initially posted this under the ‘help and support’ forum, but I’m not sure that was the best place, so I’ll post it here also.

    I am aware of the changes in password function between version 1.x and 2.x. My work process requires that I still use version 1.x which allows for different passwords. I assume that version 1.7.3201.0 is the last stable version of 1.x – Is this true?

    I have heard lately that SHA1 is not secure, and SHA2 should now be used. I don’t know much about encryption so here is my main question –

    I read that version 1.x utilizes SHA1 in the encryption process, and version 2.x uses SHA2. How does the use of SHA1 affect the security of a file that is encrypted with version 1? Does the use of SHA1 create a vulnerability only ‘during’ the encryption or unencryption process, and presents no risk once a file is encrypted and exists as a static file? Or, is there a weakness even after the encryption is done and the file is stored on a drive?

    I also understand that version 1.x uses 128 bit encryption, and version 2.x uses 128 or 256. However, the main question is how SHA relates to the security of the encryption process as a whole.

    Is there any difference in security between the same file, first encrypted with 128 bit under verions 1.x, and the same file encrypted with 128 bit under version 2.x?

    Thanks for any help understanding this.

    #13311 Reply

    Azhaguraja B
    Keymaster

    Hello Steve,

    Yes, AxCrypt-1.7.3201.0 is the last stable version of 1.x. You can also check the same using our legacy website http://www.axantum.com/AxCrypt/LegacyDownloads.html .

    The data encryption primitive is AES-128 or AES-256 in AxCrypt 2, while it’s always AES-128 in AxCrypt 1.

    We use SHA-512 for two things – an HMAC, that’s a cryptographically strong checksum that ensures that we can be sure that nothing in the encrypted file has been changed. We also use it for password derivation – this is a process whereby we take a variable length typed password, and produce a fixed length (128 or 256-bit as the need be) value to use for the actual encryption algorithm. It’s essentially just another representation of the typed password, and we never store this anywhere.

    Please read up on the full details here: http://www.axcrypt.net/documentation/technical/ .

    Also, please check our security page, https://www.axcrypt.net/information/security/ .

    SHA stands for Secure Hashing Algorithm. SHA-1 and SHA-2 are two different versions of that algorithm. They differ in both constructions (how the resulting hash is created from the original data) and in the bit-length of the signature. Primarily, people focus on the bit-length as the important distinction. SHA-1 is a 160-bit hash. SHA-2 is actually a “family” of hashes and comes in a variety of lengths, the most popular being 256-bit.

    Please read to know the difference between the SHA 1 and SHA 2, https://en.wikipedia.org/wiki/SHA-2#Comparison_of_SHA_functions

     

    #15285 Reply

    AxCrypt1.7

    We are in 2020  [01.20.2020] and it is impossible to download any 1X version into the Legacy Website : http://www.axantum.com/AxCrypt/LegacyDownloads.html – Redirection to your new website.  If you go to oldversion.com or others you will backdoored. Keep your version 1.7 up to date and ready to download – AES128 bit is still safe !

    #15288 Reply

    Prabhukumar R
    Moderator

    You can download the legacy versions(1.x) of AxCrypt from the following link, https://we.tl/t-tCM9JMMvWh. So Please click the link then download the older version of AxCrypt app.

    Still, Are you looking for AxCrypt 1.x? This version is obsolete and not maintained – we don’t recommend using it. Please contact support@axcrypt.net for more information.

    #15487 Reply

    Axcrypt1.7.3

    Is it possible to have an another link ? Your link don’t work and the official page too : http://www.axantum.com/axcrypt/legacydownloads.html we can’t download anything. Why don’t put the official setup into the old website ? A lot of people still download this version and can be backdoored in other website….

     

    PS: Even it is not updated, the encryption is still safe and your GUI is not broken too.

    #15490 Reply

    Prabhukumar R
    Moderator

    Hello

    If you need the legacy version you contact our support team. Please write an mail to support@axcrypt.net. they are helping you.

    #15492 Reply

    Axcrypt1.7.3

    @prabhukumar R I’ll do thanks for your support, you’re still active here ^^’

    #17196 Reply

    AlGee

    In his February 2019 post above Keymaster Azhaguraia B said AxCrypt version 1.7.3201.0 is the last stable version in the 1.x series.

    But now in  August 2020 the  http://www.axantum.com/AxCrypt/LegacyDownloads.html website he cites above has AxCrypt ver 1.7.3233.0 available for download, not 1.7.3201.0.

    Is version 1.7.3233.0 not a stable version, or was one more stable version released after February 2019?

    #17198 Reply

    Azhaguraja B
    Keymaster

    Hello AlGee,

    The Legacy AxCrypt 1.x is fully working but unmaintained except for tooling and library upgrades etc. So, No need to worry about the latest versions of AxCrypt 1.x. There will be just an upgrade of tooling and nothing changed in the core/functionalities. It is a stable version too. You can download the AxCrypt legacy versions here – https://www.axcrypt.net/support/legacy-downloads/ .

    Most installers and executables are digitally signed with Authenticode by ‘Axantum Software AB’ or ‘AxCrypt AB’. Verify the signature after downloading by right-clicking the file and select ‘Properties | Digital Signatures’. Then double-click on the signature and confirm that ‘This digital signature is OK’ is shown.

    We always recommend users, use AxCrypt 2.x which is the latest version of AxCrypt.

    #17207 Reply

    AlGee

    Thank you for the clarification Azhaguraja B.

    I’m not a programmer,  but my understanding is the latest version of AxCrypt 1.x is still a terrific program that will be sufficient for my personal file encryption needs for the foreseeable future.  If I’m wrong about that I welcome correction from knowledgeable folks who can explain where my thinking is wrong.

    Like Steve, who posted at the start of this thread, the ability to use different passwords for different files is important to me. If AxCrypt 2.x would do that I’d be happy to use it.

    #18252 Reply

    Martin S

    Good night,

    As many people here, i need to use Acrypt v1.7.3233 for specific reasons, in this case, secure different files with different passwords in a usb.

    The thing is, I downloaded it from your official legacy website, but the file doesn’t have the Axantum digital signature. Is this normal since you’re not developing it? Or as Azhaguraja B says, it must be signed anyway?

    What are the potencial risks of using the old 1.x versión?

    Thank You so much for your useful answers

Viewing 11 posts - 1 through 11 (of 11 total)
Reply To: Encryption Security With Version 1.7.3201.0 vs Version 2.x
Your information: