Header and Master Key implementation

[ricassiocosta]

Just want to bring some light in the "Header File" idea I shared here. VeraCrypt uses a interesting concept of Header Key and Master Key (https://www.veracrypt.fr/en/Header%20Key%20Derivation.html) to encrypt a volume. In simple terms, basically it has two different keys: the Header Key is the key that the user actually choose during the setup, and the Master Key is the key that actually encripts the target volume.
So if we kinda bring this idea to this app, you could create a header file that holds the "master key" and use the "header key" to decrypt this file. In that way, you could easily achive this request #47 of update the vault password without decrypt and encrypt all the files in the vault (since you would only need to create a new header file with the same master key, encrypted using the new password). A bonus would be the fix of this issue #45, that now you have a simple way to verify if the given password can decrypt a folder or not, and stop showing it if not.

[hej2010]

Is it not a bad idea to encrypt lots of files with the same key (the master key)? VeraCrypt can use this as it only has one file to unlock (the container/volume)

[ricassiocosta]

But how this is different from what we have today? Today you use the provided password as they encryption key for all files, right?

[ricassiocosta]

The real caveat here is how to securely generate the master key. VeraCrypt use the mouse movement as seed to generate it...

[hej2010]

The app uses the provided password as an input to the PBKDF2 key generation function together with a random salt and IV, it generates a different encryption key for every file:

Valv-Android/app/src/main/java/se/arctosoft/vault/encryption/Encryption.java

Line 293 in de72236

SecretKey secretKey = secretKeyFactory.generateSecret(keySpec);

[ricassiocosta]

Got it, but you could use this same strategy, right? I mean, instead of using the provided password as input PBKDF2 key generation function, you would use the master key instead, with random salt to generate the encryption key for every file. Is that make sense for you?