Secure messaging apps rely on end-to-end encryption for security. If all messages are encrypted using keys that are only known to and controlled by the authorized recipients, then it is much more difficult for an eavesdropper to read or modify these messages.
However, the security of these communications depends on the security of the encryption keys used to protect them. Composite Key Brute-Force Protection is an optional security feature in Ciphr’s apps that provides stronger protection for these encryption keys.
How Secure Messaging Apps Manage Encryption Keys
Access to a truly secure messaging application is typically controlled using a password and/or PIN. A smartphone may also require a password, a PIN, or biometric verification (fingerprint, facial recognition, etc.) to unlock.
However, these passwords, PINs, etc., are not the secret keys used to encrypt and decrypt messages transmitted over the secure messaging app.
The password entered on the lock screen is used to derive the master key, which is then involved in encrypting and decrypting the Ciphr app’s data-at-rest. Where Ciphr differs from other apps is in how that key is derived.
To find out more, read the Key Derivation section of our blog Unlock Screen and Encryption of Data-at-Rest.
Why Are Composite Keys Necessary?
Storing encryption keys on a device is necessary for encrypted messaging. However, it also places these keys at potential risk of exposure. An attacker with access to the device (and knowledge of the associated password) could potentially find the secret keys in the device’s memory and use them to send or receive encrypted messages.
Composite keys are designed to reduce the risk that an attacker can gain access to the secret keys stored on a device if they can access the device itself. They do so by splitting the data used to generate encryption keys between two locations. One part is kept on the device and is unlocked by the user’s password. The other part is stored on the messaging service provider’s servers.
With a composite key, both of these pieces of information are needed to generate the full encryption key. This means that neither an attacker with physical access to the device nor the service provider can decrypt the user’s data. Only with access to both locations can an attacker decrypt the user’s messages.
This provides protection against a few different attack scenarios, including:
● Stolen Devices: Keys stored on a device are potentially vulnerable to malicious actors, as demonstrated by Cellebrite’s “hack” of Signal. By storing part of the key off of the device, this attack vector becomes infeasible.
● Compromised Servers: If encryption keys are stored on a provider’s server, then a hack of those servers could potentially expose those keys and the messages that they protect. With composite keys, a successful hack of the company’s environment would still not provide a full encryption key.
● Brute-Force Attacks: An attacker without knowledge of a user’s password can try to brute force their encryption key by attempting to decrypt the encrypted data using various potential passwords. However, this requires access to the entire encryption key, which is more difficult to achieve with a composite key, as we will explain below.
How Ciphr Implements Composite Keys
Ciphr offers composite keys as an option that users can choose to activate within their app, called Composite Key Brute-Force Protection. With composite keys activated, the portion of the key stored on Ciphr’s servers is only accessible with knowledge of the user’s password and when the app is online.
Ciphr’s Composite Key Brute-Force Protection stores a value in the app that is combined with a user’s password and hashed in-app. This hash value is then sent to Ciphr’s servers and used to look up another piece of key material and an encrypted master key.
By combining the values stored on the client and the server and the user’s password, it’s possible to create a key that unlocks the encrypted master key. This master key is then used to unlock the app.
Ciphr’s Composite Key Brute-Force Protection protects against compromised keys in a few ways:
● Separated Keys: In isolation, neither the client nor the server can generate the encryption key. The client lacks the server key material and the encrypted master key, while the server needs the user password and client material. Since the server only receives the hash of the password and client material, the full master key can only be unlocked on the client device after a successful request to the server.
● Rate Limiting: Testing a potential password requires a successful request to the server. Ciphr implements rate limiting on these requests, making it slower and more difficult to perform a brute force password guessing attack.
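The flow described above can be modelled in a few lines. This is an added example, not Ciphr's implementation: PBKDF2-HMAC-SHA256, the XOR pad with an HMAC tag (standing in for authenticated encryption), the three-failure lockout and all function and class names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

ITER = 10_000  # constructed work factor for this demo

def kdf(password, salt, label, n=32):
    # PBKDF2-HMAC-SHA256 is an assumption; the page does not name the hash
    return hashlib.pbkdf2_hmac("sha256", password.encode(), label + salt, ITER, dklen=n)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Server:
    """Hypothetical server side: one account's record plus a failure counter."""
    MAX_FAILS = 3  # constructed limit; the page only says requests are rate limited

    def __init__(self):
        self.record, self.fails = None, 0

    def fetch(self, lookup):
        if self.fails >= self.MAX_FAILS:
            raise PermissionError("rate limit reached")
        if not hmac.compare_digest(lookup, self.record[0]):
            self.fails += 1          # every wrong password guess costs a request
            return None
        self.fails = 0
        return self.record[1:]       # (server material, wrapped master key, tag)

def derive_wrap_keys(password, client_value, material):
    # Needs all three inputs: password, on-device value, server-held material
    k = kdf(password, client_value + material, b"wrap", 64)
    return k[:32], k[32:]            # (XOR pad, MAC key)

def enroll(server, password):
    client_value, material, master = (secrets.token_bytes(32) for _ in range(3))
    pad, mac_key = derive_wrap_keys(password, client_value, material)
    wrapped = xor(master, pad)
    tag = hmac.new(mac_key, wrapped, "sha256").digest()
    # The server sees only a hash of password + client value, never either input
    server.record = (kdf(password, client_value, b"lookup"), material, wrapped, tag)
    return client_value, master      # client_value stays on the device

def unlock(server, password, client_value):
    rec = server.fetch(kdf(password, client_value, b"lookup"))
    if rec is None:
        return None
    material, wrapped, tag = rec
    pad, mac_key = derive_wrap_keys(password, client_value, material)
    if not hmac.compare_digest(tag, hmac.new(mac_key, wrapped, "sha256").digest()):
        return None
    return xor(wrapped, pad)
```

In this model a copy of the device yields only `client_value`, and a copy of the server record yields only a hash salted with a 32-byte value the server never sees, so neither side alone can test password guesses offline.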
Securing Messages with Ciphr
Composite Key Brute-Force Protection is an optional and unique feature available in all three of Ciphr’s apps. It provides stronger protection against brute-force guessing attacks by splitting the secret key between the app and the server.
To activate Composite Key Brute-Force Protection:
In Ciphr Text or Ciphr Mail, go to Settings > Security and slide the toggle for Composite Key to turn it on. If you turn it on in Ciphr Text, it is automatically turned on in Ciphr Mail too, and vice versa.
Ciphr Vault, however, is not linked to Ciphr Text and Ciphr Mail. Go to Settings in Ciphr Vault, and turn on Composite Key.