Metadata is not encrypted

begoon
Community Member
edited March 2013 in 1Password 3 – 7 for Mac

I looked at the contents of the *.1password files in the 1P storage and found that fields called "title" ARE IN PLAIN TEXT. Frankly, I was shocked. I presumed that in "an encrypted storage" EVERYTHING I see/enter/put in the frontend app (1Password in this case) MUST be encrypted (like in KeePass storage, TrueCrypt container, etc.). It may happen that the "title" field can contain sensitive data too.

Very disappointed, sorry.

Alexander

Comments

  • khad
    1Password Alumni

    Hi begoon,

    Thanks for taking the time to contact us. The only information that is stored in the clear is the metadata about your sensitive data, not the sensitive data itself. You can easily see a list of what is stored in the clear in the Agile Keychain Format by simply looking at the View > Columns menu in 1Password for Mac. Here is the list for your convenience:

    • Icon
    • Title
    • Location
    • Type
    • Modified Date
    • Created Date
    • Folder
    • Tag

    Password strength used to be included in that list as well, but that was changed way back in November 2011.

    This is outlined in a few different places in the User Guide. From the Agile Keychain Design document:

    The Agile Keychain is nearly identical to the Mac OS X keychain in terms of what is kept encrypted and what is left open in plain text. The distinction is an important trade-off between security and convenience. The more that is encrypted, the less a would-be thief can access, but it is also necessary to leave enough open to allow applications to freely access certain items without needing to decrypt every single entry each time. The Mac OS X keychain nicely balances security and convenience, so the Agile Keychain follows suit.


    Here is an example entry from the Agile Keychain:

    {
      "title" : "dave @ AWS login",
      "locationKey" : "perfora.net",
      "encrypted" : "...",
      "typeName" : "webforms.WebForm",
      "securityLevel" : "SL5",
      "openContents" : {
        "createdAt" : 1216012929,
        "updatedAt" : 1216012929,
        "usernameHash" : "..."
      },
      "location" : "https://webmailcluster.perfora.net:443/xml/webmail/Login",
      "uuid" : "0A522DFCAE6442D991145BC76E55D343",
      "folderUuid" : "A90D66D1A4E34481BDF03DDEA9F511AC"
    }

    As you can see, not all the information is encrypted. Most notably, the name/title of each entry (i.e. dave @ AWS login) and the location/URL are open. Having these open allows 1Password to organize your data and display it without suffering the performance hit of needing to decrypt every single item. All the truly confidential information is stored in the encrypted section of the file.

    The original form of the Agile Keychain left its assessment of password strength among the unencrypted data. This was removed in 2011.

    The above file format is based on JSON (JavaScript Object Notation). It is a lightweight notation for structuring data without the overhead associated with formats like XML. As a side benefit, these JSON files can be loaded directly into a web browser. The name of the file is based on the UUID (Universally Unique Identifier) of the item. This guarantees the filename is unique and will stay the same even when items are renamed.

    You can read more about this in the "Unlocked vaults or unlocked boxes" section of the Security of storing 1Password data in the Cloud document.

    As hinted at in the aforelinked Defending against 1Password harvesters, the new Cloud Keychain format already in use for iCloud syncing encrypts or well-obfuscates even the metadata. You can read about the Cloud Keychain format here:

    1Password 4 Cloud Keychain design

    As we move forward, the Cloud Keychain format will be used in more places.

    If we can be of further assistance, please let us know. We are always here to help!
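An added audit script, not part of this thread or of 1Password's own tooling, that reads an Agile Keychain item like the one quoted above, separates the fields readable without the master password from the ciphertext, and flags a title or location where a user appears to have typed a secret into metadata. The set of cleartext keys is taken from the example entry in the reply, and the keyword heuristic and sample items are constructed for illustration.

```python
import json
import re

# Top-level keys that the example entry in the reply shows in the clear
# (assumption: derived from that example, not from an official field list).
CLEAR_KEYS = {"title", "location", "locationKey", "typeName",
              "securityLevel", "uuid", "folderUuid", "openContents"}
# Keys whose value is ciphertext.
CIPHER_KEYS = {"encrypted"}

# Constructed heuristic: words that suggest a secret was typed into a metadata field.
SECRET_HINTS = re.compile(r"(pass(word)?|pin|secret|token)\s*[:=]", re.IGNORECASE)


def audit_entry(raw: str) -> dict:
    """Classify an Agile Keychain item's fields and flag metadata that may leak secrets."""
    entry = json.loads(raw)
    report = {"clear": {}, "cipher": [], "unknown": [], "warnings": []}
    for key, value in entry.items():
        if key in CIPHER_KEYS:
            report["cipher"].append(key)
        elif key in CLEAR_KEYS:
            report["clear"][key] = value
        else:
            report["unknown"].append(key)  # unexpected plaintext key; review it
    # Title and location are the free-text metadata a user can overload with secrets.
    for key in ("title", "location"):
        value = report["clear"].get(key, "")
        if isinstance(value, str) and SECRET_HINTS.search(value):
            report["warnings"].append(f"{key} looks like it holds a credential: {value!r}")
    return report


# Constructed sample items; ciphertext, hash and uuid values are placeholders.
SAFE_ITEM = """{"title": "dave @ AWS login", "locationKey": "perfora.net", "encrypted": "...",
 "typeName": "webforms.WebForm", "securityLevel": "SL5",
 "openContents": {"createdAt": 1216012929, "updatedAt": 1216012929, "usernameHash": "..."},
 "location": "https://webmailcluster.perfora.net:443/xml/webmail/Login",
 "uuid": "0A522DFCAE6442D991145BC76E55D343", "folderUuid": "A90D66D1A4E34481BDF03DDEA9F511AC"}"""
LEAKY_ITEM = """{"title": "wifi password: CHANGEME", "encrypted": "...",
 "typeName": "passwords.Password", "uuid": "00000000000000000000000000000001"}"""

if __name__ == "__main__":
    for raw in (SAFE_ITEM, LEAKY_ITEM):
        print(json.dumps(audit_entry(raw), indent=1))
```

Run it over the *.1password files in a vault's data directory to see exactly which values would be visible to anyone who copies the vault without the master password.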

This discussion has been closed.