Secure Data Organizer - A Free Password Manager Written in .NET 2.0

Hi all,

I've been working in .NET ever since the pre-RTM 1.0 release for my Master's Thesis. I continue to code in many languages but have been working on a pet project on the side called Secure Data Organizer.

This is a free program that marks the culmination of several years of design and effort. It is a Password Manager but was designed to be the best one out there. Ease of use (even at the expense of developer pain) was a driving development principle, as was a native and intuitive GUI, human-readable XML file format, and public disclosure of encryption algorithms and techniques.

I released it as freeware to the web back in late November. Since then, we've grown to over 1,300 registered users--a nice starting userbase! Our big break may be around the corner--we're scheduled for a PC Magazine review in a forthcoming print issue. As of now, the software is up on windowsmarketplace.com, download.com, Tucows, and a number of other sites.

Importantly, we also developed a version of the software for Windows Mobile based devices using the .NET Compact Framework 1.0 for backwards compatibility (means it can run on Pocket PC 2002 devices).

I wanted to thank this forum for all their support. We've been posting questions (under developer accounts) since the preview releases of VS2005, submitted a number of bugs, and gotten a lot of help from here. What a great resource.

Secure Data Organizer is described in further detail here at the main Visware webpage: www.visware.com

Here are some popular download sites for the product:

Download.com:
http://www.download.com/Secure-Data-Organizer/3000-2092_4-10610387.html

Tucows:
http://www.tucows.com/preview/507912

Windows Marketplace:
http://www.windowsmarketplace.com/details.aspx?view=info&itemid=3204908

Quick Feature List:
* Securely store and organize your usernames, passwords and other personal data
* Create website associations so your personal data appears when a specified website is detected in your web browser
* Drag and drop personal data (such as a login or password) to a web browser field, eliminating the need to type in or remember your information
* Measure your password strength using the password strength meter
* Generate strong passwords using the built-in password generator
* Instantly search all of your encrypted data
* Export your Secure Data Records to a mobile device or PDA so you can access them on-the-go
* Export/Import your Secure Data Records so that you can access them at a separate location, for example, at the office.

Thanks to all for your help over the past year and a half!





  • Yacob3

    How does this align with the Microsoft CardSpace effort included in .NET 3.0? Sounds pretty similar from a technology perspective (ability to securely store multiple types of Authentication (Name/Pwd Creds, X.509, Kerberos, Passport, etc...) in a centralized and secure storage that is accessible to the user). When an application asks for credentials, the user can select a credential to provide to the application and move on.

    Just trying to understand how your product aligns ...



  • maqk

    Hi,

    Software looks great, but it won't allow me to install on a machine which connects to the Internet though a proxy that requires authentication ("407 Proxy Authentication Required" when trying to register).

    Cheers,

    Dave

  • HSBF Lewe

    Hmmm... Very interesting issue. It's just a basic HTTP Post over the net. We'll have to add in a "configure proxy server" ability, accessible from startup. I thought that maybe the OS took care of this, but I'll look into what it takes to route through and authenticate against the proxy for outbound requests.

    Meanwhile, we're up to 1700 users!

     

     



  • Will Rau

    Woot, this is something I have wanted for a long time. I lost a lot of accounts because I forgot my password and user name. This is a good place for me to keep track of those. Thanks.
  • Petr Kadlec

    Thanks to being picked up by the ZDNet Tech Update newsletter, we're up to 2,500 users today... Thanks for all of your support!

  • my name is not earl

    We are going to make the source available. Whether or not it will be an active open source project is still up in the air--we're getting some community feedback about this.

    The release of the source code will be in two phases - (1) The encryption core, and (2) the rest - data reading/writing, GUI, searching, internal data structures, etc.

    The product will continue to be free for personal use.



  • kushpaw

    Excellent questions, guys!

    First of all: To fully understand the encryption algorithms and process involved, there is a built-in Encryption Demonstration in the app that fully describes the encryption procedure and algorithms, and even allows you to run your own test vectors through them. This is important for acceptance from the cryptographic community - full transparency here.

    You are right to only fully trust security software that makes the source code available. As an interim step, the above information describes the exact procedure by which your passwords are stored and managed. You should therefore be able to verify by considering your Master Password, the salt bytes involved (as stored in the XML data file), and the encryption algorithms used.

    All password data is stored in byte arrays which are explicitly zeroed out when no longer needed (e.g., this applies to the Secret Data in the application). A future enhancement is to pin these byte arrays to prevent the garbage collector from moving them around in memory. The Master Password input field is a textbox over a SecureString, and stored in a pinned byte array that is prevented from moving around in memory. Further, this textfield is "Unpeekable" in that WM_GETTEXT and similar messages will not be able to determine the text in the textbox, even if the Master Password is remembered (try it yourself with Spy++ or other tools). A future enhancement is to apply this "unpeekability" to the label controls on the Secret Data panel which a record is encrypted. Taking it one step further, DrawString can be used from the very beginning to render this text instead of a label control, preventing any scraping at all. This is all basic "Hygienic Programming" 101 and most Password Managers don't even begin to think about these things. It's an important consideration in Secure Data Organizer, but still, if somebody has physical control over your machine, there's only so much you can do. So these are the first steps. The bulk of the protection lies in (a) protecting the Master Password via hygienic software techniques, and (b) protecting the actual encrypted data with strong algorithms and smart encryption processes.

    Here is the text from the Encryption Demonstration built in to the application:

    Secure Data Manager uses published, standardized, government-certified, maximum-strength, state-of-the-art encryption algorithms that are accepted by the cryptographic community to store your Secret Data. This screen will help you learn about these algorithms by visually demonstrating the encryption and decryption process that Secure Data Organizer uses.

    Why is this information public? The reason is because encryption technology and products should not rely on secrecy of the encryption methods as part of their strength. The methods should be open and documented. It is the strength of the encryption algorithms themselves, combined with a strong Master Password, that provides truly strong security.

    Before we get started, there are two important things to know. First, a cryptographically strong Random Number Generator is used to generate all "Salt" bytes as well as all other encryption-related random information. Second, all "byte" data (hash and encryption results) are stored in the Secure Data Organizer XML data file as Base 64 encoded. They are also displayed here as Base 64 encoded. To begin the demonstration, follow the steps below.

    Encryption Phase 1

    When you first create a Master Password, random "Salt" bytes are generated at the same time. These Salt bytes are prepended to your Master Password. The combination is then "hashed" using SHA-256, which is the 256-bit variant of the Secure Hash Algorithm. The salt bytes are stored visibly in your data file (since they are not a "Secret"), as well as the Salt+Master Password hash. Currently, Secure Data Organizer uses 16 bytes worth of "Salt" prepended to Unicode-encoded Master Password (so an 8-character Master Password (16 bytes) along with 16 bytes of Salt results in 32 bytes of data into the hash algorithm). The output size of SHA-256 is also 32 bytes (256 bits).

    Encryption Phase 2

    A password "expansion" is performed using your Master Password. The output of this expansion is what is used to perform the actual encryption of your Secret Data. Just before the expansion, more randomized "Salt" bytes are generated and used along with your Master Password to create the expansion. The algorithm used for the expansion is PBKDF2 (RFC2898) using 1,000 iterations. The number of Salt bytes used is 16, and the size of the final key generated is 32 bytes. Note that a different group of Salt bytes is generated for the password expansion for each different Secure Data Record you encrypt. These Salt bytes (which are not a "secret") are visibly stored in the Secure Data Organizer XML data file.

    Encryption Phase 3

    Each Secure Data Record can contain any number of Secure Data Items. For example, your Online Banking entry in Secure Data Organizer is a single Secure Data Record, but it actually contains three distinct Secure Data Items: (1) your Online Banking username; (2) your Online Banking password; and (3) any additional notes you choose to include with the record. Each of these three items is encrypted separately.

    For each Secure Data Item, the encryption process proceeds as follows. The encryption algorithm used is AES (the Advanced Encryption Standard), which is the Rijndael encryption algorithm with a fixed block size of 16 bytes and a key size of 32 bytes (256 bits). The encryption mode is CBC (Cipher Block Chaining) and the padding mode used is ISO10126. For each Secure Data Item, a separate group of 16 Salt bytes is generated for use as the Initialization Vector (IV) into the encryption algorithm. These Salt bytes are different from the Salt bytes used in the key expansion (see above). Each Secure Data Item is then encrypted using the item-specific Salt bytes and the 32 byte key from the password expansion. The final encrypted bytes, as well as the Salt bytes, are stored in the Secure Data Organizer XML data file. If a Secure Data Item is blank (i.e., an empty string), then it is not encrypted.

     

    That's the basics for the moment!
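
Phases 1 and 2 as described in the post above, re-implemented independently so the values in a data file can be recomputed; this is an added example, not part of the thread and not Visware's code. Phase 3 (AES-256-CBC) is left out because the Python standard library has no AES. Assumptions: the PBKDF2 PRF is HMAC-SHA1 with UTF-8 password bytes (what .NET 2.0's `Rfc2898DeriveBytes` does with a string password), and all function names and sample values are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os

SALT_LEN, KEY_LEN, ITERATIONS = 16, 32, 1000   # sizes and count stated in the post


def phase1_hash(master_password: str, salt: bytes) -> bytes:
    """Phase 1: SHA-256 over salt || Unicode(master password)."""
    # .NET's "Unicode" encoding is UTF-16LE without a BOM: 2 bytes per character.
    return hashlib.sha256(salt + master_password.encode("utf-16-le")).digest()


def verify_master_password(candidate: str, salt_b64: str, hash_b64: str) -> bool:
    """Recompute the Phase 1 hash from the Base64 values kept in the data file."""
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(hash_b64)
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(phase1_hash(candidate, salt), expected)


def phase2_key(master_password: str, record_salt: bytes) -> bytes:
    """Phase 2: PBKDF2 expansion to the 32-byte AES key for one record."""
    # Assumption: HMAC-SHA1 as the PRF and UTF-8 password bytes, as in
    # .NET 2.0's Rfc2898DeriveBytes(string, byte[], int). The post itself
    # only says "PBKDF2 (RFC2898)".
    return hashlib.pbkdf2_hmac("sha1", master_password.encode("utf-8"),
                               record_salt, ITERATIONS, KEY_LEN)


def demo() -> dict:
    """Run both phases on constructed sample values (not real file contents)."""
    password = "correct horse"                  # constructed sample Master Password
    file_salt = os.urandom(SALT_LEN)            # stands in for the salt in the XML file
    salt_b64 = base64.b64encode(file_salt).decode()
    hash_b64 = base64.b64encode(phase1_hash(password, file_salt)).decode()
    salt_a, salt_b = os.urandom(SALT_LEN), os.urandom(SALT_LEN)
    return {
        "right_password": verify_master_password(password, salt_b64, hash_b64),
        "wrong_password": verify_master_password("guess", salt_b64, hash_b64),
        "key_len": len(phase2_key(password, salt_a)),
        # A fresh salt per record means the same password yields unrelated keys.
        "per_record_keys_differ": phase2_key(password, salt_a) != phase2_key(password, salt_b),
    }


if __name__ == "__main__":
    print(demo())
```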

     



  • Rossman1012

    Thanks for the compliments, guys. We're at 1,400 users and growing!

  • Toni Greco

    Is there source available?

  • MMCompton

    I have major concerns about Microsoft's CardSpace effort. I am pretty confident that Microsoft internally has identified a lot of risks associated with the ultimate success of their CardSpace endeavor. It is one paradigm but a lot of issues have to be overcome: centralization; trust; automatic access to credentials; etc. That said, this may be the thing that takes personal credential management to the next level (past storing private keys on your computer in arbitrary places). Still, though, in order for it to gain traction, a lot of people need to come on board.

    Secure Data Organizer takes a different approach. Secure Data Organizer is an effort to create the perfect, ultimate "personal" Password Manager: Maximum Encryption Strength, Maximum Convenience / Usability, and Maximum Accessibility. This effort is based on the decentralized, individually controlled password management paradigm. It's "here, now" and controlled and managed by the end-user with no other people or organizations involved. Not unlike the principle behind PGP (Pretty Good Privacy).

    I suppose you may be able to think of SDO vs. CardSpace as competing paradigms. With the web browser and "login window" (Network or resource or Kerberos authentication Password Windows, for example), Secure Data Organizer has made some strides towards the "automated" process of authorizing with credentials. For example: you make a Website Association, the website comes up, you're prompted for your Master Password, it's remembered because you asked for it to be, you press enter, Autofill and Auto Submit are checked, your username and password get filled into the website, and this information is submitted automatically, and voila--you're in--you only had to press enter--you had control, but had the convenience as well without sacrificing much in terms of security. Decentralized, individually managed.

    A central problem is accessibility of the passwords. One solution is to store the encrypted data on a server somewhere. But that storage increases vulnerability; with today's clusters, brute forcing a weak SHA-256 password -- even with Random Salt like Secure Data Organizer uses combined with a 1,000 iteration key expansion--could be done with, say, several thousand computers! But storing them on personal items--personal desktop machines, personal PDAs and cellphones (there's a Pocket PC version of Secure Data Organizer as well) - is a way to achieve accessibility without centralization, while again, being individually managed without any institutions stepping in. There's even a local javascript version - given a web browser (and hence javascript engine), you can decrypt your Secure Data Records simply by storing them on say a USB key in a special exported file ("Secure Data Records TO GO (TM)") and opening the resulting HTML file in any web browser (indeed, even on a Palm OS device). As personal "convergent" devices (cell phone, PDA, MP3 player) become almost universal, the problem of accessibility quickly becomes a non-issue as long as the passwords can be accessed on this device in a code-hygienic, safe manner.

     



  • Peteraap

    Visware,

    that is really cool. Why I asked if there is source code to examine is that I only trust security software that makes it available. I want to know how my passwords are being managed. The software is working quite nicely (from a user view).

    I did check SecureDataOrganizer in Reflector. I was not able to easily determine how the data was stored so even though I am just a happy hacker I am pleased that I couldn't. The assembly wasn't obfuscated and it seems to be able to inject code into it but I don't think it will be an issue. The password to decrypt stored password probably will be enough...



  • blah569

    Really, really nice, Visware.



  • thames

    visware,

    you might have guessed I read Schneier's blog and use password safe. :)

    Any doubts I had are as good as eradicated. You seem to have all the understanding of secure software I expected. I most likely expect less than what actually makes software secure but the mention to clear the buffers when the data is pinned/fixed was a major clue that you actually get memory management in .NET.

    I am not a regular user so I didn't like that it was loaded by default as I only load password safe when I need it.

    I think it would be good if you were able to release the code but it would be enough to release the functionality that actually works with the password. The UI can be separate and not released.

    I am not a cryptologist or what it might be called but if I would analyze an encryption I wouldn't care about the UI.

    I think I didn't see any use of it so why not use ProtectedData class?


