Make your notes secure again!
Pyptopad is (going to be) a simple tool for storing your text notes safe.
Write down your thoughts, love letters or shopping list, save&close — and sleep well, because (hopefully) nobody can read your secrets!
No warranty, as is and all this crap. Hey, we are not cryptographers, we are just a couple of sophomores who've got to make something for their python course.
Bro, if you are looking for an app for organizing a transatlantic cocaine trafficking, pyptopad is probably not your best choice.
python3 -m pip install pyptopad-1.0-py3-none-any.whl
python3 -m pyptopad
See the disclaimer.
No.
While designing pyptopad, we kept in mind the golden rule of cryptography: "Don't roll your own crypto", so we wanted to write by yourselves as little crypto-related code as possible and use existing crypto solutions wherever possible.
But what if cypto library of our choice turns out to be broken? Or so does the encryption algorithm? Or the hash function? We couldn't put all our eggs in one basket.
For this reason, pyptopad encryption relies on three independent implementations of three different encryption algorithms. Thus, if at least one of them isn't broken — cryptography primitives are probably not the weak link in pyptopad.
So, your pyptopad database is encrypted with three-layer encryption (our hope is that no three-letter organization has exploits to all of these):
- Layer 1: Fernet module from the pyca/cryptography library. It uses AES for encryption and SHA256-based HMAC for authentication.
- Layer 2: Kuznyechick cipher in CFB mode from the pygost library. Kuznyechick is a Russian encryption algorithm defined in the National Standard of the Russian Federation GOST R 34.12-2015. Sorry, NSA.
- Layer 3: SecretBox module from the PyNaCl library. It uses Salsa20 stream cipher for encryption and Poly1305 MAC for authentication.
Each of the ciphers uses its own key. All encryption keys are mutually independent, even though they are derived from a single password. For our Fernet-GOST-PyNaCl cascade, the key derivation function is instructed to derive a 768-bit encryption key from a given password. The generated 768-bit key is then split into three 256-bit keys, out of which the first key is used by Fernet, the second key is used by GOST, and the third one by PyNaCl. Hence, even when an adversary has one of the keys, he cannot use it to derive the other keys, as there is no feasible method to determine the password from which the key was derived (except for brute force attack mounted on a weak password).
For key derivation pyptopad also uses cascade of three different KDF implementations: Argon2i based kdf from the PyNaCl library, GOST R 34.11-2012 (Streebog) based PBKDF2 function from the pygost library and, finally, SHA256-based PBKDF2HMAC from the pyca/cryptography library.
The number of iterations in each KDF depends on choosen security level. Higher security level means more security against brute-force attacks, but also more time for decryption.
256+256+128=640-bit salt is used, which means there are 2^640 keys for each password. This significantly decreases vulnerability to 'off-line' dictionary/'rainbow table' attacks (pre-computing all the keys for a dictionary of passwords is very difficult when a salt is used). The salt consists of random values generated by python's os.urandom() during the database creation process.
We are trying to make brute-force attacks harder, but if you chose your name and date of birth as your pass, only euthanasia can help you. See here for a guide on choosing a good password.
You can't.
But pyptopad is Free (as in freedom) and Open-Source Software, so nothing stops you from looking through it's source code, luckily it's not gonna be huge.
Lol no.
Maybe, who knows.
- Kirill Liolich, group 241
- Ilya Babkin, group 241