When we were creating DataNow Vault, our main focus was on give you the ability to secure your own files. We spent a long time working on the encryption logic to make it secure, but we completely forgot to provide you with any information about how we do it, and therefore how secure your data really is.
We hope to answer your questions in this blog post, but if there is anything else you wish to know, please leave us a comment and we will provide an update in a future blog post.
When it comes to cryptography, there are many areas you need to consider, so it always helps to have an expert at hand. Thankfully we already do. We can’t tell you where our expert used to work, but if you were to speculate where the best place was for a cryptography expert to work, you’d probably be right – but we couldn’t possibly confirm.
There are a number of areas you need to consider when working with cryptography:
Rather than detailing each of these individually (and you’d probably be better reading through the Wikipedia articles), here are the main points of the DataNow Vault encryption. We use the symmetric AES algorithm with a 256 bit key length. We use unique initialization vectors (IV) for each file to ensure the encryption algorithm is unpredictable. And for each file, we strengthen the entered passphrase with a unique salt.
What all of this means is that if the same user, uses the same passphrase, on the same machine, to encrypt exactly the same file multiple times, each resulting encrypted file will have different encrypted contents. Try it! In fact, if you are using a different piece of encryption technology, and the same passphrase results in the same encrypted file contents, you really need to get the provider to fix it, or you should think about switching to using something else. Good encryption is hard to write, so you should always prove whatever you are using is working correctly.
We’ve tried to make DataNow Vault as secure as possible, and at the same time keeping it as easy to use as we can. The only thing you need to do is remember your passphrase.
Hope this is useful. If you need more information, or have any other questions, please leave a comment, or send us an email email@example.com .