Security / Cryptography
What are the key features of SafeNotes?
- As with Notepad, you can easily open or create, edit, and save any text information that is safely stored.
- Can safely store your private notes, web passwords, bitcoins wallets, credit cards information, images and more.
- It can be used for secure emails/messages as well. Very easy to use with our technology called "PostOffice/Postman" or "SafeNotesMail"
- Can by used as a very comfortable password manager. You need only remember one single master password for absolute security for all you data.
- Implemented Steganography can be used to hiding information inside the picture so thats it is impossible to detect this. It meets the strongest military standards. Can by use high grade image size resampler with Bicubic, Lanczos, Catmull-Rom, Mitchell, Gausian and other resample filters.
- You can create ultra secure Bitcoin wallet addresses , using a precise safe random generator and three-step independent verification.
- Wipe Tool, this is a sensitive data destruction tool, for secure delete files or free space wipe from hard drive or memory keys. You can choose from five different algorithms, such as U.S. DoD 5220.22-M(E) or Gutmann method.
- Very precise implementation with strongest crypto-algorithms used in cascade. Independent keys, with six different ciphers uses symmetric encryption with 6720-bits (3x2240). With the Premium version you can use eight encryption algorithms and up to 16384-bits. Sensitive information stored in memory (e.g. passwords) are stored always only in encrypted form with a random session key. Every saved document is fully checked and verified for 100% correct encrypting and saving. All memory operation is wiped after use. The advanced user mode with an extended range of password characters can significantly increase password security.
Why is SafeNotes secure?
Because it uses only the best and worldwide accepted hashes and cipher algorithms with precise implementation, and its encoding technique and output file structure is fully documented. Anyone may inspect the created output file from the input data and check it for backdoors or errors. A cascade is always used instead of a single hash or cipher. Cascades are composed of a selection of the best hashes and ciphers.
How secure are the encrypted SafeNotes files?
SafeNotes uses the finest hash algorithm with cycle cascading to generate unique key from passphrase, public master key and salt, and the best encode algorithm in cascade to encode the document. These are the best hash and encode algorithm and, used in these form, are absolutely unbreakable.
The only weak point is your password. Using purely random alphanumerically characters (a-z, A-Z, 0-9) as your passphrase, you need to specify 11 unique characters for 64-bit security. And for 160-bit security you need up to 30 characters. To solve this problem there is built-in passphrase dialog always displaying computed password quality.Let's compare password security with another systems: To crack 11-character password on very weak encryption in windows logon, a supercomputer needs only a few seconds. Cracking the same 11-character password used in SafeNotes will take thousands of years.
What are the details of the encryption used in SafeNotes?
Your password is used as input to create the subkeys and the safekey. Cryptographic functions as SHA1, RipeMD160, Tiger2, SHA256, RipeMD320, SHA512, PBKDF2, BCrypt, SafeCrypt are used for key creation. The number of iterations is 52224. Two type of Salt is used to prevent rainbow table attacks. The first salt (128-bit), named as Public Master Key, is used after password entering. The second salt (256-bit) is used when file is being saved. This second salt is encrypted using the password and the first salt.
Ciphers for encryption are AES, Blowfish, Twofish, IDEA, CAST6 and Serpent. They are used one after another in cascade with separate keys and initialization vectors. This requires a key with a 2240-bit length. SafeNotes uses three independent keys, one for head, one for salt and one for data encryption. This will increase the need for keys to 6720-bit. Much more than the most commonly used 128-bit and 256-bit keys.
Typically data is compressed before encryption using zlib, a standard deflate algorithm, described in RFC 1951 and RFC 1950.
The data in the file header section contains information about the file size, file name and file modification times as well as version information, integrity checksum etc. Header is encrypted with unique key without ties to key for data encryption. For integrity checking two 48bit CRCs are used, binary compatible with CRC32 & CRC16. First is created for original unencrypted data stream and second for all data after encryption including the file header.
How secure are the generated Bitcoin wallet addresses?