This release includes a fix for a recently discovered issue #477 in our encryption system. Due to an implementation error, the camera-captured entropy was not being used as intended in our AES-CBC encryption mode. This means that the additional layer of security provided by the camera's randomness was not effectively applied.
What Does This Mean for You?
Who is Affected: Users who have changed their settings to use AES-CBC encryption instead of the default AES-ECB for encrypted backups on flash storage, SD cards, or encrypted QR codes.
Impact: The encryption strength for these backups may not be as robust as intended.
Recommended Action:
If you have used AES-CBC encryption for your backups, we recommend the following steps:
-
Update Your Device: Please install the latest software update where this issue has been resolved.
-
Replace Your Backups: After updating, recreate your encrypted backups on flash storage, SD cards, or QR codes to ensure they are secured with the corrected encryption implementation.
Thanks @earthdiver for the finding!
Thanks @jdlcdl, @3rdIteration and @qlrd for helping on the issue evaluation and solution!
Always test your encrypted backups and keys after creation and have a redundant physical backup of your keys.