Secret! Security

More information about Secret!'s industrial strength security

We don't believe in security by obscurity. An encryption program that does not name the algorithm used cannot be trusted.

Encryption Algorithms

Secret! iPhone, Secret! BlackBerry and Secret! Android use the built-in standard AES encryption algorithm (AES-128 with 16 byte blocksize and PKCS5/PKCS7 padding). Secret! Desktop and MacSecret iPhone also use AES encrpytion when synchronizing with these devices or when using a local file (standalone usage). AES has become the de-facto standard for symmetric encryption. The cross-platform usage safeguards against implementation errors.

Secret! webOS uses the built-in standard Blowfish encryption algorithm.

Secret! Palm uses the well-known standard IDEA encryption algorithm (International Data Encryption Algorithm) to encrypt your data. No known exploits exist. LinkeSOFT uses IDEA under license from Swiss ASCOM AG (now MediaCrypt).

All encryption algorithms used in the various Secret! variants are considered unbreakable and do not contain any known weaknesses. There are no backdoors or master passwords in Secret! - your data can only be decrypted with your password.

128 Bit Key Length

Your password may consist of up to 24 characters. To avoid common password problems (e.g. with accidental Caps Lock), lower case characters are converted to upper case

If you choose your password right, brute-force attacks (trying every character combination) are impossible: There are 2**128 = 3 * 10**38 key possibilities. Even if you were using all the computers in the Internet (approximately 200 million) and each one were to try one password per nanosecond (1 billionth of a second), you'd still need 2 * 10**21 seconds or 50 trillion years to find the one and only correct password to decrypt the data stored in Secret!

Even if you only use an 8 character password choosen from letters and digits, there are more than 1.7 trillion possibilities. 

Some other security programs brag about using longer key lengths of up to 1024 bit. For any practical purposes, a key length longer as 128 Bit adds no extra security: Your password length determines your effective key length. To use a true 1024 bit key, you'd need to enter a password of (1024/7=) 146 characters which is not very practical. If you use a typical 10 character password, your effective key length is approximately (10*7=) 70 bit and it makes no differences whether you use a 128 bit encryption algorithm or one with a longer internal key length. However, longer keys degrade program performance and increase memory usage.

Security At Focus

Secret! has a unique close-when-off feature that ensures that all text is encrypted

The text is encrypted before the device automatically turns itself off.

Much care has been taken to ensure no copies of your data are unprotected in memory at any time. Dynamic memory used at run time is overwritten with zeros and the entered password is erased as soon as it is no longer needed. The database that is backed up during HotSync contains only the encrypted version of the data.

Record Titles and Category Names

Note that for technical reasons, the Secret! category names and record titles are not encrypted. They are needed in plain text during synchronization to display information in the case of changed/mismatched records. You should therefore not store any valuable information in the category or record title.

Home Top