[AxCrypt SupportModerator]

Hello Matt,

Just re-downloaded the zip using your link, and BERSequenceGenerator.cs is still there!

Do you not see it here after unzipping?

[AxCrypt SupportModerator]

Hello Jamesmaher,

Not sure what we or AxCrypt can do about write protected external hard drives. I’m sure there’s some misunderstanding here. Perhaps you can explain in more detail, preferrably with scren shots?

[AxCrypt SupportModerator]

:-)

Svante

[AxCrypt SupportModerator]

Hello Fran,

Not sure I understand fully.

1) Yes, the account password is essentially the same as the “old” passphrase.

2) The standalone version 2 works the same as the installed version 2, except for explorer integration. The files encrypted with version 2 are encrypted with the account password, and you need version 2 and that password to open them.

[AxCrypt SupportModerator]

Ok, we have now published 2.1.1413 which at least addresses some issues similar to yours. No promises though!

[AxCrypt SupportModerator]

Right, the fix is as mentioned in 2.1.1410 or higher.

[AxCrypt SupportModerator]

We’re not 100% sure, but we did some testing on Key Shares on a network folder, and while we could not reproduce your particular issues, we did run into some other things which we have now addressed.

If all goes well, there will be another build available within an hour or so (2.1.1410 or higher), with that fix. Before continuing with your case, I’d like to see if these changes improve or change the situation for you.

• This reply was modified 9 years, 6 months ago by  AxCrypt Support.

[AxCrypt SupportModerator]

Hello,

That’s partially why I added “…at the very least”. The actual strength of the key depends on the number of possible combinations the attacker has to try.

If you ask me “What is the strength of a 32 character password?” My first question back is: what’s a character? Actually it get’s complicated, because it depends on encoding such as US-ASCII, Ansi (in various variations) Unicode (in various variations etc). If we say US-ASCII, that’s 95 possibilities per character. That’s 95^32 number of combinations, equal to 210 bits and change.

However, in your case, the question was “What is the strength of a 32 character hexadecimal string as a password”. Here I now assume that we *know* that it’s a hexadecimal string, and that it’s exactly 32 characters, and that we even know if you’re using upper or lower case A-F. In this case, the strength is exactly 128 bits. If we don’t know if you’re using upper or lowercase, it get’s stronger. If we don’t know if you are using exactly 32 characters, it get’s stronger. How much I leave as an exercise for the reader ;-)

The way AxCrypt works with the password is through a complicated process that adds time to what an attacker has to do in order to try a given password, and also ensures that regardless of if you enter 10 characters or a thousand, we still use them all as best we can and input exactly 128 or 256 bits to the underlying encryption algorithm.

You might want to Google “password based key derivation” for more info. Wikipedia is a good place to start to read about the function AxCrypt uses: https://en.wikipedia.org/wiki/PBKDF2 . AxCrypt currently uses PBKDF2-HMAC-SHA-512 with a 1000 iterations. This is not extremely high, since we then use another iterative keywrap for the actual file key.

[AxCrypt SupportModerator]

Hello Peter,

That sounds very strange, and is possibly a bug. Can you describe in more detail the sequence of operations, and even better illustrate with screen shots?

It is correct that if you remove the folder from the list, the files are decrypted – but I do not see how it can without you actually requesting that. Unless of course there’s a serious programming error here.

[AxCrypt SupportModerator]

Hello James,

I’m not quite sure I follow…

You need to sign in to AxCrypt like this:

After you have signed in, files will open without needing a password and you can encrypt files without specifying a password.

You will remain signed in, until you sign out, your screen saver goes active, your computer goes to sleep, your Windows session is logged or you shut down your computer.

 

• This reply was modified 9 years, 6 months ago by  AxCrypt Support.
• This reply was modified 9 years, 6 months ago by  AxCrypt Support.

[AxCrypt SupportModerator]

Hello,

Yes, you can use a 32 hexadecimal digits long string as a password.

No, it won’t be interpreted as hex, it’ll be interpreted as a string of characters just like any other password.

However, you misunderstand how this works. Nothing is ignored, and your 32 hexadecimal digits will indeed represent a full 128-bit key, at the very least.

[AxCrypt SupportModerator]

Ok, do you recall how you downloaded it? The idea is that the main button detects your bitness, and selects one. Below that you can pick and chose which ever.

Did you use a 32-bit browser?

[AxCrypt SupportModerator]

Hello Mathieu,

Both are indeed nice suggestions. Thank you. We will implement them, but not in the immediate future – there are other things currently with higher priority, but we’ll get there!

You can follow these issues here:

https://bitbucket.org/axantum/axcrypt-net/issues/151/add-restore-original-name

https://bitbucket.org/axantum/axcrypt-net/issues/150/add-encrypt-rename-as-a-single-operation

[AxCrypt SupportModerator]

Hello,

Where and how did you get the source code? I just downloaded a zip of the tip and it just builds. BERSequenceGenerator.cs is here: https://bitbucket.org/axantum/axcrypt-net/src/5d2decd56c53a185c81aa1fbcc99277d8012d415/BouncyCastle.AxCrypt/src/asn1/BERSequenceGenerator.cs .

[AxCrypt SupportModerator]

Hello Robert,

No, it’s available for both, at least from here. Can you send a screen shot of how it looks or what happens when you try the download?

[Author]

Posts