Stronger encryption
We want 512-bit encryption instead of the current 256-bit. Your competitors are already using 512-bit AES encryption for their password safe apps.
Dear Anders,
that’s actually an interesting request, because it contains a common misconception caused by a misunderstanding of cryptography fundamentals by such manufacturers. Let me explain:
1) Provided you use a sufficiently large key (128 bits is large enough), you can’t break an encryption algorithm by brute-forcing it. Unless quantum computers become practical, there’s not enough energy in the entire solar system to try all combinations.
2) There is no such thing as 512-bit AES. AES comes in 3 flavors: 128, 198 and 256 bits. As strange as it may look, 128-bit AES is actually considered safer than the other two, due to advances that have been found by scientists trying to break it.
3) After the 128-bit threshold, adding bits to a cryptography algorithm doesn’t necessarily make it safer. Take the AES example above: Bruce Schneier, a famous cryptography scientist, recently wrote: “And for new applications I suggest that people don’t use AES-256. AES-128 provides more than enough security margin for the foreseeable future.” — http://www.schneier.com/blog/archives/2011/08/new_attack_on_a_1.html
pwSafe uses the Twofish encryption algorithm (256-bit key). More info about it here: http://app77.com/pwSafe/faq.html#q6 . Although AES-128 would be a better choice (it’s a more thoroughly analyzed algorithm than Twofish), changing algorithms would break compatibility with Password Safe apps for the Mac, PC and Linux, which is a big advantage.