This Monday night, December 16th 10pm EST, Tempo and other web systems will be temporarily unavailable while we perform critical patch updates to ensure the stability of our services.

This maintenance outage will also affect the Tempo API, the the Connect website, and the site for Codebook.

Down time could last up to 1 hour, however we hope it will be completed much more quickly. If you need to get in touch with us for any reason, please don’t hesitate.

This release contains a fix for the PRAGMA cipher_migrate feature we added with the 3.0.0 release. A migration issue existed when a passphrase that was longer than 64 characters, or a raw hex key was provided which caused a failure during migration. In addition to the bug fix, we've added a new PRAGMA called cipher_add_random that allows one to add externally sourced entropy to the entropy pool of your configured crypto provider. Currently there is support for this via the OpenSSL and libtomcrypt providers. The format must be provided as blob literal containing a hex sequence. An example would look like this:

sqlite> PRAGMA key = 'test';
sqlite> PRAGMA cipher_add_random = "x'deadbaad'";

Please take a look at the 3.0.1 release and let us know if you have any questions or feedback.

This Sunday night, November 17th 10pm EST, Tempo and other web systems will be temporarily unavailable while we perform critical patch updates to ensure the stability of our services.

This maintenance outage will also affect the Tempo API, the the Connect website, and the site for Codebook.

Down time could last up to 1 hour, however we hope it will be completed much more quickly. If you need to get in touch with us for any reason, please don’t hesitate.

This morning we've released STRIP 2.1.0 for all versions of STRIP in the various App Stores and made it available via auto-update in the desktop apps. This version of STRIP includes a major security upgrade and is not backwards compatible or sync compatible with earlier versions of STRIP. Thus, you should be prepared to upgrade all copies, and please back up your data before proceeding.

Important Upgrade Notes

Instructions for updating each STRIP are available on our FAQ.

• Please backup your mobile devices and desktop databases before upgrading, either via WiFi, Dropbox, or Google Drive.
• When you log in to STRIP 2.1.0 for the first time the database format will be updated. Due to database file and feature improvements, STRIP 2.1.0 will not sync with earlier versions of STRIP. Therefore, you should plan to update all of your devices and applications to STRIP 2.1.0 at around the same time. More information is available on our upgrade FAQ.

What's New

STRIP 2.1.0 features our updated SQLCipher encryption engine, and increases the number of PBKDF2 iterations used to derive your database key from 4,000 to 64,000, providing substantial security gains against increasingly sophisticated brute-force attacks. 

STRIP for Android

• Increases PBKDF2 iterations from 4,000 to 64,000
• Upgrades SQLCipher to version 3.0.0
• On the fly searching - search as you type
• Sync with other copies of STRIP requires minimum version of 2.1.0

STRIP for Windows

• Increases PBKDF2 iterations from 4,000 to 64,000
• Upgrades SQLCipher to version 3.0.0
• Sync with other copies of STRIP requires minimum version of 2.1.0
• Fixes ObjectDisposedException during data import

STRIP for OS X

• Increases PBKDF2 iterations from 4,000 to 64,000
• Upgrades SQLCipher to version 3.0.0
• Sync with other copies of STRIP requires minimum version of 2.1.0
• Fixes erroneous caching of field value heights on record view
• Fixes truncation of long notes in view
• Adds a Choose button to password generator view, corrects value copy into editor
• Fixes masking of newly created fields after editing is completed
• Auto-lock timer now stores setting in the encrypted database to prevent tampering
• Adds preference to lock STRIP on start of screensaver and screen lock

STRIP for iOS

• Increases PBKDF2 iterations from 4,000 to 64,000
• Upgrades SQLCipher to version 3.0.0
• Sync with other copies of STRIP requires minimum version of 2.1.0
• Uses Apple's CommonCrypto for hardware-accelerated cryptography
• Fixes crash adding date fields on iPad version
• Prompts for current password before allowing password reset
• Fixes appearance of "Export Data..." button on Lite version
• Changes minimum supported OS to iOS 5.0 for iPhone versions (still 6.1 on iPad)

We're excited to announce that SQLCipher 3 is now available. This release includes several substantial improvements:

• New default key derivation iteration count of 64,000, a 16x PBKDF2 work factor increase over the previous version
• New PRAGMA cipher_migrate, a simple utility command to upgrade an existing 1.x or 2x. database in place
• New sqlite3_key_v2 and sqlite3_rekey_v2 functions to allow keying and rekeying of named databases
• New ATTACH behavior, requiring an explicit key to be passed for encrypted databases
• Extended Raw Key/Salt feature, making it possible to set both the encryption key and database salt via a raw key specification
• Based on SQLite 3.8.0.2, a recent stable release of SQLite

Detailed notes about the differences are available in the original SQLCipher 3 beta announcement post.

It's important to note that these key derivation changes enable a much higher level of security than previous versions though, by default, SQLCipher 3 will not open older database. To enable backwards-compatibility, it is possible to adjust settings at runtime or migrate older databases:

1. To open an older database using SQLCipher 3, set the KDF iterations back to the old value of 4000 using PRAGMA kdf_iter = 4000
2. To attach and export data to a new database, use the sqlcipher_export() convenience function
3. To migrate and upgrade an existing database in place, use the new PRAGMA cipher_migrate feature

Finally, as a result of the increased key derivation count, users may notice that opening and keying a database takes longer in SQLCipher 3 than with previous release. Noticeable performance issues can almost always be avoided by ensuring that applications do not frequently open and close connections. That said, while we strongly recommend using the new default KDF settings, it is possible to set the default back to 4,000 iterations before any databases are open by calling the global PRAGMA cipher_default_kdf_iter = 4000; before invoking the SQLCipher library.

The latest source code can be found in the official project repository, and SQLCipher Commercial Edition libraries are already available in the SQLCipher Store. Commercial edition customers with CipherCare may contact us with their original order number for details on how to download an update.

Please take a look, try out the new library changes, and let us know if you have any feedback. Thanks!