Is 1Password more secure than an AES encrypted text file?

Think of AES as a very strong and well designed brick that everyone can use. A house made out of such bricks could still be very weak and fragile if the architecture isn’t done right. There are lots of ways a home-grown password management system could go wrong. Here are some:

  1. Encrypting a single large file means that when it is decrypted, all of the decrypted data is resident in memory (and may be swapped, dumped, etc). (1Password, in contrast, decrypts only a single item at a time as it is needed.)
  2. What kind of defenses does a roll-your-own system provide against automated password crackers? Will an attacker be able to test tens of millions of passwords per second or just thousands? Key derivation functions used for this purpose are subtle and tricky things (slides for that presentation).
  3. Source of randomness. Various keys, IVs, salts, nonces have requirements for cryptographically appropriate random numbers. Can you get this in a “roll-your-own” system?
  4. The system needs to be robust against data loss. A single, large, encrypted file is very fragile with respect to data corruption.

Even if you make the right choice with respect to encryption modes, key derivation, memory management etc today, can you keep up with research and developments in how such systems might be broken? Again, with respect to 1Password, we pay very close attention both to the cryptographic literature and to the work being done in the password cracking community.

It is great that everyone and every developer has AES and other strong cryptographic primitives at their fingertips. But unfortunately that isn’t enough to design strong system. These things are substantially harder than one might initially imagine, and it is easy to make mistakes.

Ideally, a developer shouldn’t have to have a deep understanding of cryptography to develop secure systems. The cryptographic libraries’ APIs should be enough. But we aren’t there yet. It is still easier to use the tools in those libraries badly than properly.

We don’t want to discourage anyone from trying and learning. Just understand that there are reasons for the “overly complex” data formats that are used. Don’t think that you can avoid those complexities until you know why they are there.

Still need help?

Give us a shout on our discussion forum. The AgileBits team and our awesome community will be happy to assist you.