[Owncloud] Encryption

Aggelos Economopoulos aoiko at cc.ece.ntua.gr
Tue May 22 19:07:09 UTC 2012


On 22/05/2012 12:20 μμ, Andreas Schneider wrote:
[...]
> If you encrypt and decrypt on the server there is no real security at all. The
> admin/person having full access to the machine will always have a way to get
> the encryption password.

Indeed. What needs to be clarified here is what the threat model is. 
What does this encryption scheme try to protect against? Offline attacks?

AFAICT, it's not doing a good job at that either. The key is just 
blowfish-encrypted with the user password (a simple, unsalted, hash of 
which seems to be stored in the DB, i.e. next to the key itself). But 
that probably doesn't matter much either, as the key is generated by

$key=mt_rand(10000,99999).mt_rand(10000,99999).mt_rand(10000,99999).mt_rand(10000,99999);

I.e. by calling a PRNG four times in a row and concatenating the result.

The encryptFile function doesn't seem to be used. And that's a good 
thing, as encrypting a file that has already been stored in plaintext on 
the disk is a Bad Idea. You can never be sure the data is really gone. 
As it is, there's a fair chance it can lose data in case of a crash too.

TBH, despite any good intentions, the code does not inspire confidence. 
Quite the contrary. There are more crypto problems not too far below the 
surface.

Again, this is all secondary. The important question is: what are you 
trying to protect against?

HTH,
Aggelos




More information about the Owncloud mailing list