# Technology

## How it works

Why is CryptoPad unique?

CryptoPad is different from other services for keeping secret information.
Common services have your password stored on the server and enrypt your data
there, too.

We do not have your password and are unable to get your data since it is
encrypted on your computer.

You don't need to worry if CryptoPad is secure — just be sure to secure your
computer.

CryptoPad uses AES for encrypting our data with your password and MD5 for creating authorization token. The token prevents people not aware of your password from erasing data stored in your CryptoPad. The token is created from your password and sent to the server, but it is impossible to restore the password from the token.

## AES encryption algorithm

AES (Advanced Encryption Standard) encryption algorithm is the US government official encryption standard since May the 26th, 2002. Before that it was known as Rijndael algorithm by Vincent Rijmen and Joan Daemen.

AES — is a symmetric block encryption algorithm with 256 bit (32 byte) block size and 128 / 192 / 256 bit (16 / 24 / 32 byte) key length. Symmetric algorithm uses the same key for encryption and decryption. CryptoPad uses a 256 bit key created from your password by a standard algorithm included in AES. Key length denotes the maximum encryption strength (work amount for a violator not knowing he password to decrypt the data), but the effective strength depends on you password. That is why the password should be the longest possible and includes both upper and lower case letter, figures and other symbols.

## MD5 Digital signature algorithm

Digital signature (or hash function) is a one-way function easy to find from the initial data, while it is impossible to restore the initial data from the value of the function. Cryptography uses these functions for data integrity tests without revealing the data. Instead of comparing data sets, their hash functions are compared. The hash function is chosen so that little variation of initial data brought substantial change to the function, and the only way to get two data sets giving the same digital signature is exhaustive.

Ronald L. Rivest invented MD5 hash function in 1991. It converts initial data of any length into a 128 bit (16 byte) code. For input data CryptoPad uses your password plus a fixed string to prevent a table-based password search.