Master Key encryption no password?

cs35 · March 13, 2019, 3:46pm

Hello everyone,

first of all sorry for the links since my account is new I can’t put more than 2 links so I had to write hppt instead of http.

I’m running the latest version of OwnCloud (i.e 10.1.0) and I’m concerned about the master key encryption. I’m testing the encryption with master key and noticed that it’s never asking for a password when decrypting data.

Is it better to use master key encryption or user key encryption ? I thought the last one was unadvised.

Also, running the master key encryption, I cannot set the recovery key with an admin account hppt://i.imgur.com/7WFcyiy.png.
Nor can I set one with a normal user hppt://i.imgur.com/NYWnlhD.png

Steps to reproduce

Enable master key encryption hppts://doc.owncloud.org/server/10.1/admin_manual/configuration/files/encryption_configuration.html#enabling-encryption-from-the-command-line
Upload data with a user, best is text file so you can cat it when decrypted
Decrypt hppts://doc.owncloud.org/server/10.1/admin_manual/configuration/files/encryption_configuration.html#decrypt-master-key-encryption all files of the user

Actual behaviour

When running the command below

occ encryption:decrypt-all <user_name>

All the data of the user is decrypted without asking a password.

Expected behaviour

Shouldn’t a password be prompted to decrypt any data ?
Does it mean that the master key has no password ?

Server configuration

Operating system: Devuan 2.0

Web server: NGinx 1.14.2

Database: MySQL 5.7.25

PHP version: PHP7.2

ownCloud version: 10.1.0

Updated from an older ownCloud or fresh install: fresh install

Where did you install ownCloud from:

Downloaded the tar.gz and installed with occ maintenance.

Signing status (ownCloud 9.0 and above):

It’s fine.

List of config.php:

{
    "system": {
        "datadirectory": "\/var\/owncloud\/data",
        "version.hide": true,
        "logtimezone": "UTC",
        "installed": true,
        "upgrade.disable-web": true,
        "upgrade.automatic-app-update": false,
        "updatechecker": false,
        "maintenance": false,
        "loglevel": 2,
        "log_type": "syslog",
        "singleuser": false,
        "filelocking.enabled": true,
        "memcache.local": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "localhost",
            "port": 6379
        },
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "apps_paths": [
            {
                "path": "\/var\/owncloud\/apps_orig",
                "url": "\/apps_orig",
                "writable": false
            },
            {
                "path": "\/var\/owncloud\/apps",
                "url": "\/apps",
                "writable": false
            }
        ],
        "mail_smtpmode": "smtp",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "25",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "***REMOVED SENSITIVE VALUE***"
        ],
        "overwrite.cli.url": "http:\/\/localhost",
        "dbtype": "mysql",
        "version": "10.1.0.4",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "instanceid": "***REMOVED SENSITIVE VALUE***"
    }
}

Are you using external storage, if yes which one: local

Are you using encryption: yes, master key

Are you using an external user-backend, if yes which one: none

hodyroff · March 14, 2019, 3:20pm

As the name says Masterkey is one key to crypt them all … Yes, it is recommended if you need encryption. The sysadmin is able to decrypt, that is the idea and value. A recovery key is not needed.

Please share your concern, your attack value and use case!

cs35 · March 14, 2019, 4:38pm

Hi hodyroff,

Thanks for your answer.

Yes I’m aware that the masterkey encryption is one key to encrypt all the data even though the documentation says that there are also keys for every data you upload (i.e data//files_encryption). I’m assuming it’s used to better deal with the shares.

Alright for the recovery key it does makes sense not to have one with the masterkey encryption.

Although, why is there no password for the masterkey ?

Here 's the use case.

Server A is a simple OwnCloud
Server B is a NAS

The data directory is on Server B and you mount it throught NFS on Server B. It means that your masterkey is on Server B. If anyone breaks in Server B they can take all the data directory with the masterkey and therefore decrypt all the data. So, having a password when you start your OwnCloud instance might be useful to circumvent this use case. I know you can move the location of the keys which is what I did so nothing unencrypted can be on the NAS.

Don’t hesitate to ask if it lacks information.

Thanks.

hodyroff · March 15, 2019, 7:46am

Actually the masterkey is located in the database, not on the storage. You can also move the location of all the file keys for additional security.

https://doc.owncloud.com/server/admin_manual/maintenance/encryption/migrating-from-user-key-to-master-key.html under verify for the location.

In our highly secure Enterprise projects we do put the masterkey into a HSM in the meantime, which makes sure that the ownCloud administrator itself also can’t get to it when reconfiguring things. Of course this continues to rely on organisational protection.

As a last option there is End-to-End Encryption, an overview can be found here and your feedback would be valuable to me:

cs35 · March 15, 2019, 8:27am

Hi hodyroff,

thanks for your answer.

What are the keys in data/files_encryption/OC_DEFAULT_MODULE/ ?

Thanks, yes I indeed moved away the keys within data/files_encryption/OC_DEFAULT_MODULE/.

Very interesting point about the HSM.

Thanks, if we can we’ll try the End-to-End Encryption plugin and give you feedback.

cs35 · March 15, 2019, 9:17am

hodyroff,

I think I found out what’s data/files_encryption/OC_DEFAULT_MODULE/ about, it seems to be a dump of the masterkey from the database. Could you confirm that ?
Thanks.

sharidasan · March 15, 2019, 11:04am

Hi,

If you are referring to the file name, then yes your observation is right.

cs35 · March 15, 2019, 1:21pm

Hi sharidasan,

thanks for your answer.

Alright, could you tell me in which table the keys are stored ? I’d like to backup them somewhere else.

I’m assuming the keys are written in data/files_encryption/OC_DEFAULT_MODULE/ to avoid calling the database often ?

Is it possible if my database gets corrupted and the SQL dumps too (really worst case scenario), to re-import the keys from the directory data/files_encryption/OC_DEFAULT_MODULE/ ?

Thanks.