Security / Cryptography
What are the key features of SafeNotes?
- As with Notepad, you can easily open or create, edit, and save any text information that is safely stored.
- Can safely store your private notes, web passwords, bitcoins wallets, credit cards information, images and more.
- It can be used for secure emails as well.
- Can by used as a very comfortable password manager. You need only remember one single master password for absolute security for all you data.
- Very precise implementation with strongest crypto-algorithms used in cascade. Independent keys, with six different ciphers uses symmetric encryption with 6720-bits. With the Premium version you can use eight encryption algorithms and up to 16384-bits. Sensitive information stored in memory (e.g. passwords) are stored always only in encrypted form with a random session key. Every saved document is fully checked and verified for 100% correct encrypting and saving. All memory operation is wiped after use. The advanced user mode with an extended range of password characters can significantly increase password security.
Why is SafeNotes secure?
Because it uses only the best and worldwide accepted hashes and cipher algorithms with precise implementation, and its encoding technique and output file structure is fully documented. Anyone may inspect the created output file from the input data and check it for backdoors or errors.
How secure are the encrypted SafeNotes files?
SafeNotes uses the finest hash algorithm with cycle cascading to generate unique key from passphrase, public master key and salt, and the best encode algorithm in cascade to encode the document. These are the best hash and encode algorithm and, used in these form,are absolutely unbreakable.
The only weak point is your password. Using purely random alphanumerically characters (a-z, A-Z, 0-9) as your passphrase, you need to specify 11 unique characters for 64-bit security. And for 160-bit security you need up to 30 characters. To solve this problem there is built-in passphrase dialog always displaying computed password quality.Let's compare password security with another systems: To crack 11-character password on very weak encryption in windows logon, a supercomputer needs only a few seconds. Cracking the same 11-character password used in SafeNotes will take thousands of years.
What are the details of the encryption used in SafeNotes?
Your password is used as input to create the subkeys and the safekey. Cryptographic functions as SHA1, RipeMD160, Tiger2, SHA256, RipeMD320, SHA512, PBKDF2, BCrypt, SafeCrypt are used for key creation. The number of iterations is 52224.
Ciphers for encryption are AES, Blowfish, Twofish, IDEA, CAST6 and Serpent. They are used one after another in cascade with separate keys and initialization vectors. This requires a key with a 2240-bit length. SafeNotes uses three independent keys, one for head, one for salt and one for data encryption. This will increase the need for keys to 6720-bit. Much more than the most commonly used 128-bit and 256-bit keys.
Typically data is compressed before encryption using zlib, a standard deflate algorithm, described in RFC 1951 and RFC 1950. Two type of Salt is used to prevent rainbow table attacks. First salt, named as Public Master Key, is used after password entering. Second salt is used when file is being saved.
The data in the file header section contains information about the file size, file name and file modification times as well as version information, integrity checksum etc. Header is encrypted with unique key without ties to key for data encryption. For integrity checking two 48bit CRCs are used, binary compatible with CRC32 & CRC16. First is created for original unencrypted data stream and second for all data after encryption including the file header.
How secure are the generated Bitcoin wallet addresses?
SafeNotes uses a large random pool, ultra-precise random seed, and the finest cryptographic algorithms for generating an absolutely random private key (randomness = security). This is the best way to securely create Bitcoin addresses and, used in these form, they are absolutely safe. Verification using two independent third-party code eliminates the possibility of any error to an absolute minimum.