Developer creates code for cracking the encryption key

Apr 7, 2015 10:40 GMT

A developer tested the encryption method used by NQ Mobile Vault, a popular app for securing data on iOS and Android, and found that it relied on XOR, a cipher that can be easily broken.

Although XOR, a bitwise operator (Exclusive OR), is often part of more complex algorithms as an additive cipher, on its own it is not sufficient to create secure encryption.

By using a constant, someone could recover the original content that was processed with XOR. However, there are conditions under which XOR provides more security.

Image files used to conduct the tests

NinjaDoge24 tested the encryption used by NQ Mobile Vault, which is touted to be AES (128-bit), a much more reliable standard that was also adopted by the US federal government.

The developer first encrypted a PNG image using version 6.1.00.22 of the Android variant. Upon analyzing the resulting file, he noticed that the picture was not encrypted in its entirety, and he could see its name.

His conclusion from this was that the app used a substitution cipher, which he found to be XOR. After writing an encryption/decryption utility, he tried the product with another image file, this time using a longer password.

Partial encryption, brute-force code created

In the next step, he noticed that only the first 128 bytes of a file were encrypted, and that the key resulting from the password follows a pattern: the key value increments consecutively as consecutive numbers are tested.

Despite bumping into an inconsistency at some point, he managed to establish the interval of the values that can be used for a brute-force attack.

“Improvised my XOR encryptor and/or decryptor. Now it only XOR's the first 128 bytes of the file with a single byte,” NinjaDoge24 said about his achievement on day three of the analysis.
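The weakness described above, as an added example that is not NinjaDoge24's utility or code from the app: a check you can run on a copy of your own file before and after a vault tool processes it, measuring how many bytes actually changed and whether a known file signature gives away a single-byte key. The 128-byte span and single-byte key follow the quote above; the sample file, the key 0x5A and all function names are constructed for illustration, and the app's password-to-key derivation is not modelled.

```python
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"   # fixed 8-byte signature that starts every PNG
HEADER_LEN = 128                   # span the article says is XOR-ed


def xor_header(data: bytes, key: int, span: int = HEADER_LEN) -> bytes:
    """XOR the first `span` bytes with one key byte; the rest is untouched.
    XOR is its own inverse, so the same call 'encrypts' and 'decrypts'."""
    return bytes(b ^ key for b in data[:span]) + data[span:]


def key_from_known_header(blob: bytes, magic: bytes = PNG_MAGIC):
    """Return the key byte if every signature byte implies the same one, else None.
    Properly encrypted data will almost never produce a single consistent value."""
    candidates = {c ^ m for c, m in zip(blob, magic)}
    return candidates.pop() if len(candidates) == 1 else None


def audit(original: bytes, protected: bytes) -> dict:
    """Compare a file with its 'protected' copy and report what was really changed."""
    changed = sum(a != b for a, b in zip(original, protected))
    return {
        "bytes_total": len(original),
        "bytes_changed": changed,
        "tail_untouched": original[HEADER_LEN:] == protected[HEADER_LEN:],
        "recovered_key": key_from_known_header(protected),
    }


def sample_png_like(size: int = 4096) -> bytes:
    """Constructed test input: PNG signature followed by deterministic filler."""
    filler = bytes((i * 37 + 11) % 256 for i in range(size - len(PNG_MAGIC)))
    return PNG_MAGIC + filler


if __name__ == "__main__":
    plain = sample_png_like()
    vaulted = xor_header(plain, key=0x5A)   # 0x5A is an arbitrary constructed key
    for name, value in audit(plain, vaulted).items():
        print(f"{name}: {value}")
```

A result where only 128 of 4096 bytes differ and the signature yields one consistent key byte is the pattern the article reports; output from a real 128-bit AES implementation would change essentially every byte and return no key here.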

NQ Mobile Vault is listed on Google Play as having between 10 and 50 million installations, while the product's description advertises that it has more than 30 million users across the world.

The app is designed as a solution for protecting users' private data on their phones, such as images, videos and messages.
