Code Audit of Boxcryptor

 

Modern Office Architecture

Boxcryptor is a software developed by Secomba GmbH which focuses on protecting files stored on external cloud providers by over-encrypting the files and even the file names to prevent the cloud provider from accessing the data within the said files, while still allowing synchronisation with multiple devices. Usage of Boxcryptor gives their customers the peace of mind that their data is private while being stored on a cloud provider’s systems.

In this short post we’ll talk specifically about the work we performed. For a more in-depth overview as well as motivations and benefits from the perspective of the Boxcryptor team, you can read about it on the Boxcryptor blog.

Kudelski Security was hired to perform a security audit of the Windows Boxcryptor application. We focused on the cryptographic functionalities of the code and implementation of security best practices.

We analysed the provided code, which uses standard library functions and standardized methods as often as possible and we notably covered the following main components among others:

  • Secomba.Common: contains most notably the cryptographic operations
  • Secomba.Common.Net45: which is mostly a proxy to the crypto provider
  • Boxcryptor.Core: contains actual encryption logic, has high level APIs and does the PKI management
  • Boxcryptor.Desktop: contains the file operations, including bulk ones and read/write operations.

We notably looked for

  • General code safety and susceptibility to known vulnerabilities
  • Poor coding practices and unsafe behaviour
  • Leakage of secrets or other sensitive data through memory mismanagement
  • Susceptibility to misuse and system errors
  • Error management and logging
  • Security levels of the cryptographic primitives and their parameters
  • Proper implementation of the documented protocol phases

We reported the following in our public report:

  • 1 security issues of medium severity
  • 2 security issue of low severity
  • 6 observations related to general code safety

Download the full report here:

As a result of our audit, we did not find any critical shortcomings in the reviewed components.

Secomba quickly patched all the problems we identified and let us review their changes in order to confirm their effectiveness. They will also monitor the state of the art in term of ORAM setups, and are planning to add effective integrity checks in the future.

Notice that we did not find any evidence of malicious intent, flawed logic or potential backdoors in the codebase.

We would like to thank Secomba GmbH for trusting us, for their availability and the pleasant collaboration throughout the audit!

To find out more about our cryptography services, visit kudelskisecurity.com, or for blockchain services, visit kudelski-blockchain.com.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s