Forums Bugs & issues your UI and usability sucks

This topic contains 7 replies, has 2 voices, and was last updated by  Svante 1 year, 2 months ago.

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #5791 Reply

    Matze

    Sorry guys and Girls, but your UI is not user friendly. Maybe this is related to the fact that you concentrate on charging instead of giving a user firendly Interface.

    On a related note: AES128 while still considered not broken is a little low for security requirements – AES256 would be considered industry Standard.

    In total: Level 10 on the suck-o-meter.

    #5792 Reply

    Svante
    Keymaster

    Hello Matze,

    Thanks for the feedback. However, this is a public forum, and while we appreciate negative as well as positive feedback – we like constructive and polite feedback even more!

    If you’d like to tell us just what aspects of the user interface you found least appealing or most hard to understand, it would actually help us improve the product! If you do, can I please ask you to formulate it a little nicer?

    Commenting on the one actual concrete criticism concerning AES-128 vs. AES-256, could you perhaps provide some sources for that statement? To our knowledge, there is no indication that AES-128 strength “is a little low for security requirements“.  Then again, that depends on just what those requirements are. AES-128 is considered strong enough for US government information classified as secret, it’s apparently good enough for some requirements. It’s also good enough for use in many private and public corporations according to their respective polices. Other requirements require other levels of strength. Just stating that a security measure “is a little low for security requirements” without reference to the actual requirements is both a meaningless and misleading statement.

    If you state that AES-128 is a little low for your personal security requirements, that’s fine. We have many users who are correctly judging that AES-128 is good enough for any reasonable personal level of security, and who also realize that they are unlikely to use passwords of sufficient length and complexity to even approach 128 bits in actual strength anyway. Then we have others users who feel more comfortable with AES-256, and for those we offer that too – at a small cost in our Premium software.

    Concerning your implied criticism of the fact that we have a for-pay option with advanced features for AxCrypt, that’s just an aspect of the real world, where we simply need revenue in order to develop, maintain, support and improve the software. We still offer a really useful software entirely for free, something most software manufacturers do not.

    #5793 Reply

    Giles

    Matze, I’d like to correct you on your assertion that AES-128 is not broken, it is. Cryptographers consider the whole suite of AES implementations to be broken: AES-128, AES-196 and AES-256 to be broken. For most practical purposes it still is the best cipher.

    128-bit is more than sufficient for most people – indeed Apple use 128 in their FileVault product, Microsoft’s default is 128 in BitLocker and it’s the default in Microsoft Office.

    Why does AES-256 exist? To satisfy “bureaucratic lassitude” and to make people who don’t know any better feel happy. Ignorance is bliss.

    #5794 Reply

    Svante
    Keymaster

    Hello Giles,

    Since many readers of these forums are not experts, and cannot be expected to be able to see what is fact and what is fiction, when a statement such as “Cryptographers consider the whole suite of AES implementations to be broken: AES-128, AES-196 and AES-256 to be broken.” – Please provide a reputable source reference! The article from 2011 you refer to while very interesting, does not in any way indicate that AES is broken. In fact, it explicitly states: “However, it doesn’t compromise AES in any practical way.”.

    Exactly which cryptographers have this opinion, and where have they published results to support it? To my knowledge, no such cryptographers exist, or such results.

    Also, I’m afraid the statement that “AES is considered broken”, followed by a statement that “for practical purposes it still is the best cipher“, is just plain contradictory. Broken is broken. If it’s broken it should not be used. But AES is *not* considered broken by any published cryptographers.

    As always there are conspiracy theorists, but is beyond the scope and dignity of these forums I believe.

    #5795 Reply

    Giles

    Svante, my remarks aren’t contradictory – I’m using the term “broken” in the correct, academic and cryptographic sense.

    If a cipher can be broken with anything less than exhaustive key search, which AES can, then it’s considered broken. That doesn’t mean that it’s no good.

    The AES biclique attack, from a very reputable source, proves this.

    Also, see this.

    Here are Bruce Schneier’s remarks:

    “Breaking a cipher simply means finding a weakness in the cipher that can be exploited with a complexity less than brute force. Never mind that brute-force might require 2128 encryptions; an attack requiring 2110 encryptions would be considered a break…simply put, a break can just be a certificational weakness: evidence that the cipher does not perform as advertised.”

    If his comments aren’t reputable then I don’t know whose are.

    #5796 Reply

    Svante
    Keymaster

    Hello Giles,

    Thanks, and yes, you’re right that there has been a break published against AES, as you say, in the academic sense. There are also various breaks against reduced round versions. There is still no practical attack published. The text your refer to starts with:

    Breaking a cipher doesn’t necessarily mean finding a practical way for an eavesdropper to recover the plaintext from just the ciphertext“.

    The problem here is that even cryptographers do not have a precise vocabulary to distinguish various levels of breaks. I personally tend to use the term “break” in context to describe the break. I.e. “There’s a break against AES in all versions reducing the complexity by 2-3 bits”. When I use the term “broken”, with this I mean that the algorithm is entirely compromised and considered unsafe.

    I find it very unintuitive and misleading to state that since there’s a break against AES reducing the complexity by a few bits, AES is broken. Therefore I protest against such a statement when it’s not carefully qualified to explain just what parts or to what extent it is broken.

    Still, I will certainly agree that in the long run there are some indications that AES might indeed become unsafe one day, since there are several published weaknesses found, even if no practical attack has yet been published. As you quote Bruce Schneier, I’ll have to do the same: “Attacks never get worse, they only get better”. (more or less, it’s from memory).

    Thanks for good input! But remember, most readers of these posts are not cryptographically knowledgeable – or even interested. They just want to know the simplest answer to the question “Is AxCrypt safe?”. I know, and obviously you do too, that there’s no really simple answer like “yes” or “no” to that question. But we have to try to give as good and as simple answers as possible.

    #5797 Reply

    Giles

    Maybe I could have been clearer in my original post although that’s why I did qualify my comments with “For most practical purposes it still is the best cipher.” Even if AES-128 takes billions instead of trillions years to break, I still consider that sufficient for my purposes.

    Similarly I consider that the cipher is ‘broken’ because the number of combinations can be reduced (disregarding impractical amounts of time, money, resources etc.). The biclique attack is only one such method, there are others.

    An extract from an academic textbook if anyone else is reading this and is interested:

     

    #5798 Reply

    Svante
    Keymaster

    Thanks Giles!

Viewing 8 posts - 1 through 8 (of 8 total)
Reply To: your UI and usability sucks
Your information: