SQLCipher 3.0.1 Release

2013-12-06 14:55:10 -0500

This release contains a fix for the PRAGMA cipher_migrate feature we added with the 3.0.0 release. Migration failed when a passphrase longer than 64 characters or a raw hex key was provided. In addition to the bug fix, we've added a new PRAGMA called cipher_add_random that allows one to add externally sourced entropy to the entropy pool of your configured crypto provider. Currently there is support for this via the OpenSSL and libtomcrypt providers. The value must be provided as a blob literal containing a hex sequence. An example would look like this:

sqlite> PRAGMA key = 'test';
sqlite> PRAGMA cipher_add_random = "x'deadbaad'";

Please take a look at the 3.0.1 release and let us know if you have any questions or feedback.

Tempo Maintenance, Sunday November 17th at 10 PM EST

2013-11-15 13:51:18 -0500

This Sunday night, November 17th 10pm EST, Tempo and other web systems will be temporarily unavailable while we perform critical patch updates to ensure the stability of our services.

This maintenance outage will also affect the Tempo API, the Connect website, and the site for Codebook.

Downtime could last up to 1 hour; however, we hope it will be completed much more quickly. If you need to get in touch with us for any reason, please don’t hesitate.

STRIP 2.1.0 Released

2013-11-12 09:46:26 -0500

This morning we've released STRIP 2.1.0 for all versions of STRIP in the various App Stores and made it available via auto-update in the desktop apps. This version of STRIP includes a major security upgrade and is not backwards compatible or sync compatible with earlier versions of STRIP. Thus, you should be prepared to upgrade all copies, and please back up your data before proceeding.

Important Upgrade Notes

Instructions for updating each STRIP are available on our FAQ.

  • Please back up your mobile devices and desktop databases before upgrading, either via WiFi, Dropbox, or Google Drive.
  • When you log in to STRIP 2.1.0 for the first time the database format will be updated. Due to database file and feature improvements, STRIP 2.1.0 will not sync with earlier versions of STRIP. Therefore, you should plan to update all of your devices and applications to STRIP 2.1.0 at around the same time. More information is available on our upgrade FAQ.

What's New

STRIP 2.1.0 features our updated SQLCipher encryption engine, and increases the number of PBKDF2 iterations used to derive your database key from 4,000 to 64,000, providing substantial security gains against increasingly sophisticated brute-force attacks. 

STRIP for Android

  • Increases PBKDF2 iterations from 4,000 to 64,000
  • Upgrades SQLCipher to version 3.0.0
  • On the fly searching - search as you type
  • Sync with other copies of STRIP requires minimum version of 2.1.0

STRIP for Windows

  • Increases PBKDF2 iterations from 4,000 to 64,000
  • Upgrades SQLCipher to version 3.0.0
  • Sync with other copies of STRIP requires minimum version of 2.1.0
  • Fixes ObjectDisposedException during data import

STRIP for OS X

  • Increases PBKDF2 iterations from 4,000 to 64,000
  • Upgrades SQLCipher to version 3.0.0
  • Sync with other copies of STRIP requires minimum version of 2.1.0
  • Fixes erroneous caching of field value heights on record view
  • Fixes truncation of long notes in view
  • Adds a Choose button to password generator view, corrects value copy into editor
  • Fixes masking of newly created fields after editing is completed
  • Auto-lock timer now stores setting in the encrypted database to prevent tampering
  • Adds preference to lock STRIP on start of screensaver and screen lock

STRIP for iOS

  • Increases PBKDF2 iterations from 4,000 to 64,000
  • Upgrades SQLCipher to version 3.0.0
  • Sync with other copies of STRIP requires minimum version of 2.1.0
  • Uses Apple's CommonCrypto for hardware-accelerated cryptography
  • Fixes crash adding date fields on iPad version
  • Prompts for current password before allowing password reset
  • Fixes appearance of "Export Data..." button on Lite version
  • Changes minimum supported OS to iOS 5.0 for iPhone versions (still 6.1 on iPad)

SQLCipher 3.0.0 Release

2013-11-11 17:14:25 -0500

We're excited to announce that SQLCipher 3 is now available. This release includes several substantial improvements:

  • New default key derivation iteration count of 64,000, a 16x PBKDF2 work factor increase over the previous version
  • New PRAGMA cipher_migrate, a simple utility command to upgrade an existing 1.x or 2.x database in place
  • New sqlite3_key_v2 and sqlite3_rekey_v2 functions to allow keying and rekeying of named databases
  • New ATTACH behavior, requiring an explicit key to be passed for encrypted databases
  • Extended Raw Key/Salt feature, making it possible to set both the encryption key and database salt via a raw key specification
  • Based on SQLite 3.8.0.2, a recent stable release of SQLite

Detailed notes about the differences are available in the original SQLCipher 3 beta announcement post.

It's important to note that these key derivation changes enable a much higher level of security than previous versions; as a result, SQLCipher 3 will not open older databases by default. To enable backwards-compatibility, it is possible to adjust settings at runtime or migrate older databases:

  1. To open an older database using SQLCipher 3, set the KDF iterations back to the old value of 4000 using PRAGMA kdf_iter = 4000
  2. To attach and export data to a new database, use the sqlcipher_export() convenience function
  3. To migrate and upgrade an existing database in place, use the new PRAGMA cipher_migrate feature
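The three options above as they would be typed into the sqlcipher shell, one session per option. This is an added example, not code from the original post; the file name 'upgraded.db', the alias 'upgraded' and the passphrase 'test' are placeholders.

```sql
-- Option 1: open a 2.x database as-is under SQLCipher 3.
-- kdf_iter must be set after keying and before the first read,
-- because the key is derived lazily on first database access.
PRAGMA key = 'test';
PRAGMA kdf_iter = 4000;
SELECT count(*) FROM sqlite_master;   -- fails if key or settings are wrong

-- Option 2: copy the data into a new database at the new default.
-- The main (old) database is opened with the legacy setting; the
-- attached database is assumed to pick up the library default of
-- 64,000 iterations. ATTACH needs an explicit KEY in SQLCipher 3.
PRAGMA key = 'test';
PRAGMA kdf_iter = 4000;
ATTACH DATABASE 'upgraded.db' AS upgraded KEY 'test';
SELECT sqlcipher_export('upgraded');
DETACH DATABASE upgraded;

-- Option 3: upgrade the existing file in place.
-- Run immediately after keying; a result row of 0 indicates success.
PRAGMA key = 'test';
PRAGMA cipher_migrate;
```

Option 1 leaves the file at the weaker 4,000-iteration setting, so it suits read access or a transition period; options 2 and 3 are the ones that actually raise the work factor. Back up the file before running option 3.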

Finally, as a result of the increased key derivation count, users may notice that opening and keying a database takes longer in SQLCipher 3 than with previous releases. Noticeable performance issues can almost always be avoided by ensuring that applications do not frequently open and close connections. That said, while we strongly recommend using the new default KDF settings, it is possible to set the default back to 4,000 iterations before any databases are open by calling the global PRAGMA cipher_default_kdf_iter = 4000; before invoking the SQLCipher library.

The latest source code can be found in the official project repository, and SQLCipher Commercial Edition libraries are already available in the SQLCipher Store. Commercial edition customers with CipherCare may contact us with their original order number for details on how to download an update.

Please take a look, try out the new library changes, and let us know if you have any feedback. Thanks!

STRIP Update Fall 2013

2013-10-31 13:16:42 -0400

STRIP is our password manager—we put a lot of love and work into it, we want it to be as secure and easy to use as possible, we really want it to be the best password manager out there. But we don't usually publish our long-term plans because we like to set our own timelines and we don't want to over-promise and under-deliver. STRIP is a pretty big project, involving four native applications that sync together, so our planning process is quite careful and iterative. This can give the impression that we're moving slowly when we're actually doing a ton of work behind the scenes. Since folks are asking a lot lately, we'd like to tell you about the next version of STRIP, and provide some insight on where we're going from here.

STRIP 2.1.0

The next, soon to be released version of STRIP for all platforms is version 2.1.0. We've been testing it all summer alongside a major update to our encryption engine SQLCipher. We're preparing the iOS and Mac versions for app store review now and hope to release all versions simultaneously (including Windows and Android) as soon as we're approved for release. This version will be available for free to upgrading customers.

Here's what you should know about STRIP 2.1.0:

  • It increases the number of PBKDF2 SHA-1 iterations used to protect your database key from 4,000 to 64,000
  • We believe this change is critical to protecting our customers from increasingly sophisticated attacks
  • It is not backwards compatible, once the database is upgraded it cannot be used with older versions
  • It will not sync with earlier versions of STRIP, you'll need to upgrade STRIP on all your devices
  • It's important that you upgrade to this version for future compatibility

This change to your encrypted database is an enormous gain in security at a time when powerful, well-funded organizations as well as individuals and researchers are developing sophisticated means for attacking encryption systems, and in particular brute-forcing passwords. With computing power increasing rapidly it is time to make attacks on STRIP's encryption literally more expensive, massively so.

Some additional things to note about the iOS and OS X versions:

  • iOS versions now use Apple's CommonCrypto library for hardware-accelerated encryption
  • The iPhone version supports iOS 5 up to iOS 7
  • The iPad version supports iOS 6.1 up to iOS 7
  • The OS X version supports OS X 10.6 up to OS X 10.9

We had to drop support for iOS 4.3 finally, because CommonCrypto hardware acceleration support is not available to us there, and it's absolutely necessary due to the increase in PBKDF2 iterations on the database key. Hopefully anybody still running 4.3 out there has the ability to upgrade to the latest iOS. We realize that's not everybody, but numbers suggest there are very few folks in that position, and we do have a contingency plan for anyone who does (if that description fits you, please get in touch with us soon.)

It's important that you upgrade to 2.1

Device and sync compatibility are really important to us and minimizing disruption is best for our customers. In STRIP 2.2 we won't be changing the database format again, but we may start changing the minimum supported OS versions of the various apps as we seek to improve them and take advantage of new APIs. This means that STRIP 2.1 running on older devices that either can't upgrade STRIP to 2.2 or can't upgrade to the latest version of their OS in order to upgrade will remain sync-compatible with STRIP 2.2, allowing us to proceed with needed enhancements without leaving customers on 2.1 out in the cold.

That's why we think you should upgrade as soon as possible, once STRIP 2.1 is released. We've been testing this upgrade for many months to make sure we've got it right, and we'll be standing by to help if there are any issues.

STRIP for iPhone and iPad version 2.2

STRIP for iPhone and STRIP for iPad are going to get face-lifts for iOS 7, we're working on them now and we think you're really going to enjoy the change, it's already a pleasure for us as we work on it, make changes, and test. Here's a sneak peek at the Sync screen in progress:

Work in progress, not final by any means

We're revisiting all of our interfaces as we go over them, to see if we can do a better job, and that was certainly the case for the Sync view. I always wanted to provide better indicators of current sync status. Not only is it a pleasure to watch the red-tinted progress bar zoom across the screen, this will be a big help when debugging issues with our customers by providing them with more information.

This version will also be available for free to upgrading customers.

What's Next

Image and media storage is one of our biggest and oldest feature requests, and we've already done some proof-of-concept work there. It presents challenges in speed and efficiency when it comes to sync operations. Another of our biggest feature requests is background sync—it should just work. And the other biggest feature request is sharing databases—allowing you to decide which of your data you share with whom, with seamless synchronization of your records. The magic word here is sync.

These are not easy problems to solve well and we want to make sure we get it right in the experience department, in making STRIP as easy to use as possible while providing these great new features. On top of that, we need to make sure we maintain and improve the high level of security and diligence our customers have hopefully come to expect from us. Putting aside the interface changes, what we need is a new sync system. We think solving these problems together is critical to providing the best version of STRIP yet, and work is already underway. We call it STRIP 3 and it's pretty much where we've always wanted to take the app, ever since we launched as a stand-alone app on the iPhone.

Beta Testing

Want to help us make STRIP better? Please consider joining our beta testing program. We're looking for testers who are excited to run the latest betas as we go forward, test with (backed up) real-world data, and provide lots of feedback. If that sounds like you, please get in touch!