1Password and the Crypto Wars
It is impossible to absolutely prove that our answers to the easy questions above are truthful. But what I can do is provide a number of more verifiable claims, each of which makes it harder for us to lie about any of this. In combination, these should be enough to persuade you that there is no backdoor (deliberate weakness) in 1Password and that it would be very unlikely for one to be introduced.
One idea that’s not addressed is whether there could be a backdoor in the AES library that they’re using. Actually, what I found most interesting about this post was that they publish the full details of the 1Password 3 Agile Keychain and 1Password 4 Cloud Keychain file formats:
The Agile Keychain format used a separate file for each item in the user’s keychain. Experience has taught us that not only that having each item in its own file creates difficulties for some filesystems, but that it also brings a penalty with data syncing as well. There is an overhead for synching each individual file irrespective of its size. Having hundreds or thousands of small files led to inefficient syncing in some cases. On the other hand, we don’t want a single monolithic file, which would introduce its own problems for synchronizing 1Password data across systems.
We combine items into 16 bands depending on the the item’s unique identifier (UUID). For example, all items that have a UUID beginning with “C” will be listed in the file
band_C.js
. Band files range fromband_0.js
toband_F.j
. If there are no items in a particular band, there will be no band file for it.