Comment 7 for bug 319423

Revision history for this message
Andre D (andre-ca) wrote : Re: encryption with rednotebook

Working on a branch with AES encryption using pyCrypto. The back-end crypto stuff is all done now and I just need to add the gui front-end elements (enter password/etc). It works by encrypting/decrypting the individual journal files with a password when accessed (and giving them the extension .aes) When a user is loading a journal folder with encrypted files in it (or when encryption is enabled to begin with), it will ask the user for a password to use. The password is then hashed and salted using either multiple (2000 right now *shrugs*) iterations of sha512 or a secure KDF implementation depending on which is available to the user. Users who have an older version of pyCrypto (no windows binaries for 2.5 yet) will be forced to use the less secure sha512 implementation using hashlib rather than the shiny PBKDF2 in pyCrypto 2.5. Anywho, this generates a key and then it is used in with AES (512bit recommended just in case) in CBC mode for the encryption/decryption. What all this adds up to is the ability to have individual encrypted-passworded journal files with no mess. This implementation is not (easily) crack-able via brute-force and most definitely secure.