Three Levels of Encryption

With PassPack’s upcoming Beta 6 version, you’ll have the tools to take your security into your own hands. Our aim is to give you security, portability and speed.

Until now (Beta 5) PassPack has been using AES-256 bit encryption for all your entries, but Beta 6 will allow you to choose from 3 different level encryptions. On the main page of the Beta 6, next to each one of your entries, you will have a lock. This lock represents your choice of encryption. You can choose a single bolt lock, a double bolt lock or a triple bolt lock (this is the default).

Here’s a mini crash-course in encryption, so you can get ready to make your choice.

Triple Bolt Lock

Triple Bolt LockAES-256 bit encryption, your PassPack default lock. This is the same encryption used by the US government for ‘top secret’ information and would take 149 trillion years to ‘crack’ only one entry encrypted with AES-256. We suggest you use this lock for all sites linked to any personal information, e-mail accounts or links to online shopping.

Once PassPack starts allowing storage of passwords to financial information (not yet though) like credit cards, PayPal or on-line banking, you’ll want to use the triple bolt lock for these.

Double Bolt Lock

Double Bolt LockAES-128 bit encryption. This encryption is also approved and used by the US government for ‘classified’ or ‘secret’ information. You’d probably want to double bolt entries that take you to frequently visited forum sites or social networking sites where your name and reputation is public.

Single Bolt Lock

Single Bolt LockxxTEA-128 bit encryption. This is the fastest, yet least robust, of the 3 locks. xxTEA would lighten your Pack and making unpacking faster overall. xxTEA is a valid option for sites in which no personal information has been disclosed, such as online magazines, download registrations and the famous ‘junk accounts’.

Some folks also store some-non password entries in their PassPack account – like bookmarks. xxTEA would also be fine for these non-critical entries as well.

Make Your Choice

You could choose to set all your entries on any one of the above encryptions or you could mix and match following the suggestions mentioned.

How you use your locks is completely up to you.

Keep in mind that the more accounts you have, the heavier your PassPack will be – so lighten up what you can, giving more speed to the entries which are less critical and extra protection to those you’d prefer to keep ‘top secret’.

Note – we’re still not convinced about those icons, and we may even change the xxTEA algorithm if we can find an even faster substitute.

Technorati Tags: , , , , , ,

About these ads

4 responses to “Three Levels of Encryption

  1. Pingback: Manage Passwords Online With PassPack » Tip and Trick

  2. Pingback: Want to Test PassPack Beta 6? « PassPack Blog

  3. Pingback: Beta 6 Public Preview « Passpack Blog

  4. David Spector

    Here is a much simpler way to get speed for your users without requiring them to choose the encryption algorithm (this is not user-friendly because they can’t really understand the tradeoffs provided by three algorithms):

    1. Separate out the user’s data into one piece for the index (the list of entries), and one piece for each entry.

    2. Encrypt each entry (and the index) SEPARATELY using the best encryption method when the entry is edited or imported.

    3. Store the encrypted index and all the encrypted entries as a single concatenated list of data.

    When the user looks at their entries (opens their pack), decrypt the index only. Note: if this is slow for 100-200 entries, use a less secure algorithm (it’s only the index!).

    When the user selects an entry (to visit that URL and make automatic entries in form fields, or to edit it, etc.), decrypt ONLY that entry, then act on the decrypted data.

    See how simple this is? Instead of encrypting or decrypting the ENTIRE pack on load/store, you need only encrypt a single entry when necessary (this is called Lazy Evaluation in Computer Science).

    I hope this helps you improve your product.

    David

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s