Security experts identified a dangerous bug in the Linux Cryptkeeper app which allows users to use a single-letter password “p” for encryption.
Cryptkeeper Linux Android Bug Presents a Problem
The Cryptkeeper Linux system tray applet has been discovered to contain a dangerous vulnerability. It is used to manage EncFS encrypted folders and relies on only several dependencies. The issue is that it allows users to use the single-letter decryption password “p”.
The problem was discovered in the testing version of the Debian 9 (Stretch) distribution which is currently in the testing repository. The cause of the issue is related to a bad interaction with the encfs filesystem’s command interface. Instead of invoking the encfs instance and enter the paranoia mode with a simulated “p” key press, a password with the “p” contents is initiated.
A bugfix has already been issued and we expect to see various package maintaners to introduce it to the packages of their associated distributions. Regarding the issue several experts have already recommended that the package be dropped altogether as it is no longer maintained by its developer.
Encfs Cryptkeeper Interaction
The EncFS filesystem is used to transparently encrypt files using arbitrary directories as storage for the relevant files. The files themselves are encrypted using a volume key which is stored in the source directory. The password is used to decrypt the key which is used to access the data. This file system is used as an alternative to eCryptfs as it allows encryption of files and folders using cloud storage services such as Dropbox, OneDrive and Google Drive. In addition it allows portable encryption on removable devices and it works as a cross-platform solution. Cryptkeeper is used to interact with it.
Cryptkeeper Bug Report
The actual bug report was posted by dmoerner on the project’s GitHub page yesterday. Its contents are the following:
Hi, there is a serious security hole in cryptkeeper.
Details are in this Debian bugreport: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852751
Here is a quote from Kirill Tkhai [email protected], who found this bug:
“I’ve looked into cryptkeeper code and found, it calls encfs
with -S option:
execlp (“encfs”, “encfs”, “-S”, crypt_dir, mount_dir, NULL);
exit (0);
While the password is passed to encfs using pipe in this way:
// paranoid default setup mode
//write (fd[1], “y\n”, 2);
//write (fd[1], “y\n”, 2);
write (fd[1], “p\n”, 2);
write (fd[1], password, strlen (password));
write (fd[1], “\n”, 1);
But it seems it’s wrong. When I’m executing encfs program
from console
$ encfs -S crypt_dir mount_dir
and I’m passing “p\n”, encfs exits and doesn’t wait for a password
itself.”
This may be caused by a change in the underlying encfs interface.
