Is it possible to generate new RSA keys and re-encrypt file keys?

benjamin4646

Hi there,

As I understand the BoxCryptor system the user's password is used to encrypt the user's RSA public and private keys, and the user's RSA public key is used to encrypt the individual file AES keys.

As changing the user's password only re-encrypts the user's RSA keys it seems possible that a previously compromised RSA private key could allow an attacker permanent access to the user's encrypted files - even newly created files with new AES file keys, and even if they change their password.

Of course, I take steps to prevent my password and RSA private key from being compromised. But, I was wondering if there was a way to force BoxCryptor to:

1. Generate a new RSA key pair
2. Re-encrypt all AES file keys with the new RSA public key
3. Encrypt the new RSA key pair file with a new password

This would re-secure all of the files in BoxCryptor even if the user's password and/or RSA private key were compromised.

At the moment, the only way I can think of doing this is to

1: Decrypt everything
2. Set up a completely new BoxCryptor account
3: Encrypt everything again

Of course, this is not ideal as it will take time and will require a re-upload of all of my cloud data (since the every file will have been newly encrypted).

Forcing the generation of a new RSA key pair would be much simpler, as it wouldn't require the decryption of all of my files (just the AES file key), nor the setting up of a new account, and the only part of the file that would be changed would be the file key header, meaning only minimal data need be uploaded.

Thanks for any information on this!

Benjamin

Florian

Hi Benjamin,

I just talked to our developers, the only "shortcut" to generate a new RSA key pair is to decrypt all data and perform an account reset.
You are right with your suggested solution, but this is a very specific case on the one side and on the other side a high security related and thus very costly feature which won't be implemented as long as it is not demanded by a greater number of users.

Sorry to tell you that!

Kind regards,
Florian

Robert

If you don't mind setting up a new Boxcryptor Account, you could also avoid re-uploading all files by doing the following:

1) Create a new Boxcryptor Account
2) Sign in with the old Boxcryptor Account
3) Grant access for the new Boxcryptor Account to all files (only the first few kilobytes of each encrypted file will be changed)
4) To avoid sync conflicts wait until all modified files have been synced
5) Sign out and sign in with the new Boxcryptor Account
6) Remove access for the old Boxcryptor to all files (only the first few kilobytes of each encrypted file will be changed)
7) Delete the old Boxcryptor Account

(Alternatively to step 7) you could also perform an account reset as described by Florian and re-grant access for the old Boxcryptor Account after it has been reset so that you can keep the old account)

--Robert

benjamin4646

Hi Florian and Robert,

Thanks for the information, and for the possible work-around.

I understand that this is an edge-case in terms of development, but thanks for taking the time to look into it anyway.

Thanks for developing this outstanding product!

Best wishes,

Benjamin