[Owncloud] Encryption
Aggelos Economopoulos
aoiko at cc.ece.ntua.gr
Tue May 22 19:07:09 UTC 2012
On 22/05/2012 12:20 μμ, Andreas Schneider wrote:
[...]
> If you encrypt and decrypt on the server there is no real security at all. The
> admin/person having full access to the machine will always have a way to get
> the encryption password.
Indeed. What needs to be clarified here is what the threat model is.
What does this encryption scheme try to protect against? Offline attacks?
AFAICT, it's not doing a good job at that either. The key is just
blowfish-encrypted with the user password (a simple, unsalted, hash of
which seems to be stored in the DB, i.e. next to the key itself). But
that probably doesn't matter much either, as the key is generated by
$key=mt_rand(10000,99999).mt_rand(10000,99999).mt_rand(10000,99999).mt_rand(10000,99999);
I.e. by calling a PRNG four times in a row and concatenating the result.
The encryptFile function doesn't seem to be used. And that's a good
thing, as encrypting a file that has already been stored in plaintext on
the disk is a Bad Idea. You can never be sure the data is really gone.
As it is, there's a fair chance it can lose data in case of a crash too.
TBH, despite any good intentions, the code does not inspire confidence.
Quite the contrary. There are more crypto problems not too far below the
surface.
Again, this is all secondary. The important question is: what are you
trying to protect against?
HTH,
Aggelos
More information about the Owncloud
mailing list