Cryptology ePrint Archive: Report 2020/1439

Cryptographic Vulnerabilities and Other Shortcomings of the Nextcloud Server Side Encryption as implemented by the Default Encryption Module

Kevin "Kenny" Niehage

Abstract: Nextcloud provides a server side encryption feature that is implemented by the Default Encryption Module. This paper presents cryptographic vulnerabilities that existed within the Default Encryption Module as well as other shortcomings that still need to be addressed. The vulnerabilities allowed an attacker to break the provided confidentiality and integrity protection guarantees. There is a high risk that ownCloud also contains some of the issues presented in this paper as it still has cryptographic code in common with Nextcloud.

Category / Keywords: applications / Nextcloud, ownCloud, server side encryption, default encryption module, message authentication code collisions, related block cipher mode keystreams, known-plaintext attack, insufficient key management

Date: received 15 Nov 2020, last revised 15 Nov 2020

Contact author: kevin at niehage name

Available format(s): PDF | BibTeX Citation

Note: The vulnerabilities presented in this paper have led to CVE-2020-8133, CVE-2020-8150, CVE-2020-8152 and CVE-2020-8259.

Version: 20201115:232615 (All versions of this report)

Short URL: ia.cr/2020/1439


[ Cryptology ePrint archive ]