Forum Replies Created

Viewing 15 posts - 1,531 through 1,545 (of 1,759 total)
1 102 103 104 118
  • Author
    Posts
  • July 8, 2016 at 17:31 in reply to: secured folders #3722

    Svante
    Spectator

    Ok, we have now published 2.1.1413 which at least addresses some issues similar to yours. No promises though!

    July 8, 2016 at 14:43 in reply to: secured folders #3720

    Svante
    Spectator

    Right, the fix is as mentioned in 2.1.1410 or higher.

    July 8, 2016 at 14:22 in reply to: secured folders #3716

    Svante
    Spectator

    We’re not 100% sure, but we did some testing on Key Shares on a network folder, and while we could not reproduce your particular issues, we did run into some other things which we have now addressed.

    If all goes well, there will be another build available within an hour or so (2.1.1410 or higher), with that fix. Before continuing with your case, I’d like to see if these changes improve or change the situation for you.

    • This reply was modified 8 years, 3 months ago by  Svante.
    July 8, 2016 at 14:16 in reply to: Hex Key #3715

    Svante
    Spectator

    Hello,

    That’s partially why I added “…at the very least”. The actual strength of the key depends on the number of possible combinations the attacker has to try.

    If you ask me “What is the strength of a 32 character password?” My first question back is: what’s a character? Actually it get’s complicated, because it depends on encoding such as US-ASCII, Ansi (in various variations) Unicode (in various variations etc). If we say US-ASCII, that’s 95 possibilities per character. That’s 95^32 number of combinations, equal to 210 bits and change.

    However, in your case, the question was “What is the strength of a 32 character hexadecimal string as a password”. Here I now assume that we *know* that it’s a hexadecimal string, and that it’s exactly 32 characters, and that we even know if you’re using upper or lower case A-F. In this case, the strength is exactly 128 bits. If we don’t know if you’re using upper or lowercase, it get’s stronger. If we don’t know if you are using exactly 32 characters, it get’s stronger. How much I leave as an exercise for the reader ;-)

    The way AxCrypt works with the password is through a complicated process that adds time to what an attacker has to do in order to try a given password, and also ensures that regardless of if you enter 10 characters or a thousand, we still use them all as best we can and input exactly 128 or 256 bits to the underlying encryption algorithm.

    You might want to Google “password based key derivation” for more info. Wikipedia is a good place to start to read about the function AxCrypt uses: https://en.wikipedia.org/wiki/PBKDF2 . AxCrypt currently uses PBKDF2-HMAC-SHA-512 with a 1000 iterations. This is not extremely high, since we then use another iterative keywrap for the actual file key.

    July 8, 2016 at 11:19 in reply to: secured folders #3712

    Svante
    Spectator

    Hello Peter,

    That sounds very strange, and is possibly a bug. Can you describe in more detail the sequence of operations, and even better illustrate with screen shots?

    It is correct that if you remove the folder from the list, the files are decrypted – but I do not see how it can without you actually requesting that. Unless of course there’s a serious programming error here.

    July 8, 2016 at 08:03 in reply to: axcrypt sign in #3708

    Svante
    Spectator

    Hello James,

    I’m not quite sure I follow…

    You need to sign in to AxCrypt like this:

    AxCrypt 2 Sign In

    After you have signed in, files will open without needing a password and you can encrypt files without specifying a password.

    You will remain signed in, until you sign out, your screen saver goes active, your computer goes to sleep, your Windows session is logged or you shut down your computer.

     

    • This reply was modified 8 years, 3 months ago by  Svante.
    • This reply was modified 8 years, 3 months ago by  Svante.
    July 8, 2016 at 07:44 in reply to: Hex Key #3707

    Svante
    Spectator

    Hello,

    Yes, you can use a 32 hexadecimal digits long string as a password.

    No, it won’t be interpreted as hex, it’ll be interpreted as a string of characters just like any other password.

    However, you misunderstand how this works. Nothing is ignored, and your 32 hexadecimal digits will indeed represent a full 128-bit key, at the very least.

    July 7, 2016 at 17:15 in reply to: Where to download new v2.1.1406 ? #3701

    Svante
    Spectator

    Ok, do you recall how you downloaded it? The idea is that the main button detects your bitness, and selects one. Below that you can pick and chose which ever.

    Did you use a 32-bit browser?

    July 7, 2016 at 12:26 in reply to: Suggestions #3698

    Svante
    Spectator

    Hello Mathieu,

    Both are indeed nice suggestions. Thank you. We will implement them, but not in the immediate future – there are other things currently with higher priority, but we’ll get there!

    You can follow these issues here:

    https://bitbucket.org/axantum/axcrypt-net/issues/151/add-restore-original-name

    https://bitbucket.org/axantum/axcrypt-net/issues/150/add-encrypt-rename-as-a-single-operation

    July 7, 2016 at 08:43 in reply to: Command Line Parameters #3696

    Svante
    Spectator

    Hello,

    Where and how did you get the source code? I just downloaded a zip of the tip and it just builds. BERSequenceGenerator.cs is here: https://bitbucket.org/axantum/axcrypt-net/src/5d2decd56c53a185c81aa1fbcc99277d8012d415/BouncyCastle.AxCrypt/src/asn1/BERSequenceGenerator.cs .

    July 7, 2016 at 08:30 in reply to: Where to download new v2.1.1406 ? #3694

    Svante
    Spectator

    Hello Robert,

    No, it’s available for both, at least from here. Can you send a screen shot of how it looks or what happens when you try the download?

    July 6, 2016 at 22:46 in reply to: Can't open existing Axcrypt files with latest version of Axcrypt #3690

    Svante
    Spectator

    Hello Bernie,

    You are exactly describing the way AxCrypt is intended to work.

    It’s by careful design – if you never had to sign on again, it would not be secure enough. Many on the contrary have concerns about the fact that you don’t have to sign in for every file. As it’s designed, you have to sign in after the screen saver has been activated, the computer has gone to sleepetc.

    About “the first time” I think you are referring to the fact that Internet is required the very first time you install and run AxCrypt on a new computer, but not thereafter.

    July 6, 2016 at 20:15 in reply to: Where to download new v2.1.1406 ? #3687

    Svante
    Spectator

    Hi!

    Now 2.1.1409 is available for download!

    July 6, 2016 at 18:15 in reply to: Where to download new v2.1.1406 ? #3683

    Svante
    Spectator

    Hello Mathieu,

    We’re just in the process of building the next version, but for practical reasons we actually publish the release notes a little ahead of time… So, as it looks now, the next version will be 2.1.1407 I hope, and it’ll be available within 30 minutes or so.

    Then again, the reason for the minor delay is still not entirely clear, so it may take a little longer.

    Happy to see you’re on your toes, and someone actually reads the release notes!

    July 6, 2016 at 09:21 in reply to: Command Line Parameters #3676

    Svante
    Spectator

    Great Matt,

    The most simple API for a simple command line version is probably found in the classs ‘AxCryptFile’. See Program.cs for support in parsing a command line, and how to register the necessary dependencies in the dependency injection container with ‘TypeMap.Register’.

    If you find you need or would like to make any changes to the core code to facilitate things, let me know or submit a pull request.

    Good luck!

  • Author
    Posts
Viewing 15 posts - 1,531 through 1,545 (of 1,759 total)
1 102 103 104 118