Recently I have been doing a bit of travelling for work to visit vendors and this has involved some lengthy train journeys. On these journeys I decided to set about writing a small little application that I had a use for. Initially I wanted a password vault, but when I thought about it more, I realised I wanted a secure way to store all sorts of information, like passwords, license keys, financial data etc.

Safe Pad : Rich Text Editor with strong encryption.
Safe Pad : Rich Text Editor with strong encryption.

So, whilst whiling away the hours on the train I started developing Safe Pad. The application is a pretty typical Rich Text based editor, but when you save your documents they are compressed and then stored by encrypting it with AES 256 three times using 2 passwords. This is a similar theory as to when the DES algorithms life was extended by using it to triple encrypt.

AES 256 is already a very strong algorithm, but when used in an application like this people still tend to use rather weak passwords which makes them susceptible to dictionary attacks. Because this application triple encrypts you are prompted to enter 2 passwords, therefore the program encrypts with password 1, then password 2, and then password 1 again. It adds that extra layer of protection for your secrets. Of course, this isn’t an excuse to use weak passwords, I still recommend using strong passwords made up of mixed case letters, numbers and non alpha-numeric symbols.

I have developed the program enough to a stable 1.0 release. It is quite basic, but then again it doesn’t need to be complicated. I have released the source code on CodePlex under the GNU Public license and this marks my first foray into the world of open source software development. Feel free to download the application if you think it will be useful to you. It costs nothing.  If you are not interested in messing around with the source code, then there is an installer you can use to install the application. If you feel like adding some features, then the source code is available for you to play around with.

I have also written a blog post explaining the solution and code structure of Safe Pad should anyone wish to contribute to it.

Participate with Coding in the Trenches on Facebook
Participate with Coding in the Trenches on Facebook by Click the button above.
Advertisements

4 comments

  1. It would be nice to save documents in a standard file format supporting encrypion. With that it is possible to use any other tools at least for reading the documents. For example, PKZIP with AES256. If somebody do not want or not able to use Safe Pad, there is still a possibility to access and read the documents.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s