Cryptnos

Disclaimers


Last updated May 18th, 2010

Please read the Cryptnos license for complete licensing information. Cryptnos is released under the GNU General Public License version 2, which outlines information concerning its use, redistribution, and warranties. Please read this license fully before using this application.

Since Cryptnos is designed to generate strong, pseudo-random passphrases, security should be a paramount concern for both you and us. It would be safe to assume that if you’re considering Cryptnos for your passphrase generation needs, you likely have deep concern for the protection of your data and account credentials. Fortunately, Cryptnos is right behind you, protecting your data as best it can.

Whenever possible, Cryptnos encrypts any data it stores to protect its contents. The method for storing parameter information varies from platform to platform, but they are intended to be unique to the system in question and irreversible. Whenever possible, high-grade 256-bit AES encryption and strong cryptographic hashes are used. The parameters cannot be recovered, even by the machine’s administrator, without incredible brute-force attacks.

During export, site parameters are again encrypted using AES, this time keyed to a passphrase entered by the user during the export process. The same passphrase is required during import, protecting the data from unauthorized access. The passphrase used for export and import is never saved.

In all cases, any time the site parameters are stored, the user’s secret passphrase is never stored. Thus, even if an attacker somehow managed to break the encryption protecting your parameter data, they would never have all of the elements required to generate the final passphrase. As such, the secret becomes the most import part of your parameter information and should be the most closely guarded. It should never be written down or stored anywhere, and you should be wary of potential social engineering attacks by which an attacker may trick or coerce you into revealing your passphrase.

Of course, for the truly paranoid, you can instruct Cryptnos not to store your parameter information. The exact method varies with the platform but when this setting is specified, nothing will be written to storage and, by consequence, nothing can be imported or exported. This of course requires you to know your site token, secret passphrase, and optional parameters for every passphrase your generate. This is certainly the most restrictive and secure mode to operate in, but the least convenient.

For the extremely paranoid, you should never use the generated passphrase exactly as it appears. You can add yet another layer of security by slightly modifying the generated passphrase before using it at the target site. For example, you could generate a passphrase and then transpose the first three characters, rotating them so the second becomes the first, the third becomes the second, and the first becomes the third. Then if an attacker somehow managed to break all the layers of encryption protecting your parameters as well as socially engineer your secret passphrase from you, they will not be able to use any generated passphrases as is. Such an added step may seem pointless or cumbersome, but definitely adds another layer of complexity that vastly improve the overall security of your logins.

Cryptnos should never be used to generate passphrases on a device which you do not control or trust. Any device can be compromised by viruses, trojans, keyloggers, or any number of other forms of malware. Keyloggers can scan everything you type, including your secret passphrase. Some malware takes screenshots of items on the screen, which may include your site token and your generated passphrase. Any program that compromises the system memory can read the memory addresses of other programs, which may include any site token, secret, or generated passphrase used by Cryptnos. And while a security conscious user can taken plenty of precautions to ensure that their own system remains secure, you should never trust a publicly accessible system or other device that you cannot guarantee its security.

Serious crypto-heads should take note that the AES encryption used by Cryptnos uses an initialization vector (IV) that is programmatically generated rather than being truly random. There are two reasons for this decision. The first, with respect to saving the site parameters to storage, the IV would need to be stored somewhere on the system in order for it to be used later to retrieved the saved data. Storing the IV in, say, the Windows registry would be counterproductive (similar to storing the combination to a safe under the safe’s foot), and saving it to disk would simply be transferring the problem somewhere else (storing the safe combination in the unlocked desk drawer nearby). On the second item, concerning the export/import process, the IV must be something that may be generated on multiple machines; if you are moving your parameters from one machine to another, you will obviously want to decrypt the data to import it. A truly random IV would be difficult to deal with in this case, and the user would be required to enter it as well as the passphrase to decrypt the import. Thus, despite the fact that a truly random or pseudo-random IV would offer far superior protection for this encrypted data, we instead use a generated IV in our encryption methods. This IV is generated using various cryptographic hashes, salts, and similar data, so we consider it to be “good enough” for most circumstances. However, we point this distinction out so you can decide for yourself if “good enough” is good enough for your personal needs.

Because of the nature of this application, it is strongly recommended that you create a full backup of your site parameters (via the export feature) any time you make a change. For the highest level of protection, this backup should be stored in a safe place external of your machine, even though the data is encrypted. Any number of events may occur to destroy or attempt to modify your saved parameters, such as virus or malware infections, catastrophic hard disk failures, or even malicious (or incompetent) system administrators. Even a change as simple as changing your Windows login user name or the machine’s network name may render your parameters useless, since these items are used (along with several other things) to seed encryption keys and hashes when storing your data. Therefore, a redundant, external, independently encrypted copy of your parameters should be maintained at all times in order to restore your parameters should they become destroyed or unusable. We consider this to be the user’s responsibility and we cannot be held responsible for your inability or unwillingness to keep such a backup.

Cryptnos is available for multiple platforms. At this time, we cannot guarantee compatibility between these versions. In our limited testing, passwords generated by one version one one platform were identical to passwords generated by other versions, and we believe this will remain the case so long as the underlying text encoding used on both platforms are identical (i.e., you may use Unicode on both systems). Cryptographic hashes operate on binary data, and as long as the inputs are converted into binary and manipulated in the say way, the output should always be identical. If, however, you use one text encoding on platform and a different text encoding on another platform, you will likely get incompatible results. Before relying on Cryptnos for password generation on multiple platforms, you should experiment with each version you intend to use and make sure the results are the same.

Prior to version 1.1, export files for versions of Cryptnos on different platforms were platform-specific and incompatible. This limitation has been removed in version 1.1. To take advantage of this cross-platform feature, you must upgrade to version 1.1 or higher. Newer versions will still be able to read the original 1.0 platform-specific export formats, at least for a reasonable length of time. Users are strongly recommended to replace their old 1.0 format exports and backups with version 1.1 or higher versions. 1.1 or higher exports will not be backward compatible with Cryptnos 1.0.

Starting with version 1.1, Cryptnos for Windows (and potentially future versions on other platforms, such as Cryptnos for Java) will periodically check this site for updates. We feel that this is a vital and important feature as updates may include security patches and important bug fixes that are critical to maintaining your password security. No personally identifiable information will be sent to this server during the update check process. The IP address of the machine running this check may be recorded in our server logs, but otherwise we will not collect any information during this process. A mechanism has been provided to prevent this check from occurring if the user feels it is absolutely necessary to disable it; see the documentation for the individual platform versions for how this can be performed. However, disabling the update check is strongly discouraged.