This organizer is designed to fullfill the highest standards of data security. It stores safely even highly sensitive personal data, in a way that should satisfy the needs of even the most demanding users.
In conventional organizers, data are stored in clear, like in the following examples:
|12/28/2014 2:00 PM||12/28/2014 4:00 PM||Meeting HQ Chicago|
|12/28/2014 7:30 PM||12/28/2014 10:00 PM||Business Dinner...|
|12/30/2014 8:00 AM||12/28/2014 9:30 AM||Flight AA234 O'Hare-LAX|
|12/28/2014||$ 4,200.00||Provision for Property Sale||Private|
|12/29/2014||-$ 1,100.00||Home theatre||Official|
In Cryptobase® every record is encrypted, field by field, using a unique key for every field:
Note: the different colors symbolize the different keys used to encrypt every single field (a total of 65000+ unique keys are used to minimize the probability of 2 fields being encrypted with the same key)
Some software products in the PIM category may allow encrypting the database at the end of the day when exiting the program. This requires opening the database before accessing it and leaving it open and vulnerable as long as it is used.
In Cryptobase, all information is permanently stored in encrypted form on the physical memory support (hard disk, server, cloud storage etc.). Cryptobase does not need to decrypt the whole database file. If the user looks up a record, the program copies the encrypted record from the database to RAM (volatile memory). Here it will be decrypted before being displayed on the screen. Of course, if edited the record will be encrypted before being written back to the database file.
This principle (see below: Single Record Encryption) provides fool-proof data security because encryption is executed continuously and reliably in the background, without the user ever having to care about it or having to remember encrypting the file after closure: the file remains encrypted.
| fetch 1 single record from database
send to display
|Encrypted database file||Output device (screen)|
||new or edited record
save to database file
Editing on screen
Encrypted database file
Every single piece of information (record) is encrypted with one out of tens of thousands of passwords(see next paragraph). When reading a specific record (e.g. an address), it is copied to the volatile memory (RAM) where it is decrypted before being displayed on the screen. On the harddisk it remains stored in encrypted form. The plain (decrypted) information is NEVER EVER stored on the harddisk or any other storage support, not even partially. If the record is modified, it passes the encryption filter before being written back to the harddisk. Nobody will ever be able to hack or to decipher any info by analyzing the harddisk, not even with the most sophisticated methods available.
While the database is opened with one main Password (the Master Password), internally, tens of thousands encryption keys (composed of random characters) are created with a special algorithm and used to encrypt every piece of information individually. The likelihood of the same key being used more than once in 50000 records is almost nil. In other words, in an average sized database, all records are encrypted with different, individual keys.
Each database has a unique collection of keys, so the data of your database can only be decrypted by the keys of your database.
The 128 and 256 bit encryption algorithms used in this software satisfy the highest security requirements and also used by military and political authorities at the highest level. It has been calculated that state-of-the-art 128 bit encryption algorithms are so strong, that it would take a network of supercomputers thousands of years to decrypt ciphered text, not to speak of 256 bit encryption, used extensively in the program, too. Since every record is encrypted with an individual password, in the utopical event of someone succeeding to break the code, only the information contained in 1 single field in a record would be uncovered.
Block cipher encryption with Rijndael–AES (Advanced Encryption Standard) algorithms. The Advanced Encryption Standard (AES) represents the current encryption standard (Federal Information Processing Standard number 197 or FIPS-197) intended to be used by U.S. Government organizations to protect sensitive (and even secret and top secret) information.
SHA-1 and SHA-256 message digest hash algorithms (thousands of cycles).
Password-based key derivation function (PKCS #5 v2 PBKDF2)
Secure random number generators compliant with FIPS-140-2 and X9.31/X9.17
Cloud Syncronization relies on assymmetrical encryption (RSA keys) of symmetric keys that are randomly generated for every single info sent to and from the cloud. Any interception of data would be useless to the offender.
Independent of Microsoft Cryptographic API
This function provides an additional level of security. Of course, all data, without exception, are securely encrypted. But you can mark some data as particularly sensitive ("private"). These data can be hidden on the fly (pressing the "Hide" button on the toolbar) as soon as someone else gets close to your monitor or if another person has to use your application (e.g. your secretary).
To unlock and view hidden "private" data, the user has to enter the PIN or, if the PIN was not correct, re-entering the main password is required.
If you activate this function, the program will be closed automatically after a customizable period of 1-15 minutes of inactivity. This prevents you from inadvertently forgetting to close your database when leaving your workstation.
Alternatively, you can opt for not exiting the program, but to just hide the data you marked as particularly sensitive ("private"), to close the active section (e.g. the Calendar or the Diary) or to close the database when the program has been idle for some time.
Many times, information retrieved in the organizer has to be copied to other applications with the copy-and-paste technique. There is risk that sensitive data (e.g. passwords) remain inadvertently in the clipboard for long time, even after closing the organizer. In order to avoid this security gap, content copied to the clipboard is kept there only for 30 seconds, normally sufficient to be used in other applications. The app clears the clipboard memory also when exiting the program.
The PIN code fills only one purpose: it provides an quicker access to the database when the app has been in stand-by (e.g. after having been idle for some time). The PIN may be particularly useful in mobile devices because, being numeric, is less awkward to digit than the more complex main password. However, to maintain a high level of security, supplying the main password is required after entering a wrong PIN-code.
Minimum Password length: 8 characters. 8 characters reflecting the available keys of the keyboard would theoretically require a mean of 92^92/2 attempts to open the database. The higher the number of characters, the lower the risk of cracking the Password. In addition, it is of extreme importance to choose a difficult to guess Password. It should contain numeric keys, upper and lower case keys and non-alfanumeric keys.
Forced delay between Password inputs: 2 seconds (this makes it virtually impossible for automatized brute-force attacks to open the database). The hash cycles are in the tens of thousands.
Maximum number of retries: after 3 wrong Password inputs, the application is closed. Reopening the program takes some time, which is an additional protection against brute-force attacks
The data backed and synced with the cloud repository do travel exclusively as encrypted data. No one intercepting the data on the way to and from the cloud can use o interpret the content. The application sends the encrypted data with double encryption, using a single use random key for every transmission parcel.
If a hacker manages to download a complete database, the file will be worthless as long as he cannot guess its main password. The same is true for someone finding or stealing a smartphone containing your data: the database cannot be cracked and is therefore useless to anyone trying to analyze the content.
Any attempt to corrupt your database with dummy data in order to make them inaccessable to you (e.g. by using a virus to overwrite/modify the data in your local database) will be detected and will not propagate to the cloud backup. You can restore the database from the cloud repository.
This is one main strength of this app: there is no way for a curious intruder to reset the password or retrieve it from the app or from the database. This is also true for the developer of this app.
On the other hand, this means also that if you forget the main password, you will not have any chance to open your database.
The strength of your main password determines the security of your database. A strong password will make for a totally secure database which will be impenetrable for anyone using even most sophisticated cracking methods. Therefore, select it carefully, remember it and keep a written copy in a safe place. And remember again: there is no way to retrieve the password if you forget it!