element-ios
element-ios copied to clipboard
Don't store last message unencrypted in MXCoreDataRoomSummaryStore
Your use case
What would you like to do?
MXRoomLastMessage
contains properties for the last message in a room.
/**
String representation of this last message.
*/
@property (nonatomic, copy, nullable) NSString *text;
@property (nonatomic, copy, nullable) NSAttributedString *attributedText;
These end up being stored unencrypted in MXCoreDataRoomSummaryStore
. This should be avoided.
Why would you like to do it?
Because otherwise an attacker with file system access could retrieve the last message of an encrypted room.
How would you like to achieve it?
Instead of storing the clear text, we should either only store event ID and resolve the text on demand (possibly not performant) or encrypt the text with a global key stored in the keychain.
Have you considered any alternatives?
No response
Additional context
No response
This extra security level is for a customer who:
- does not trust the OS and its keychain
- blocks the app on jailbroken devices
In the normal context, we rely on the encrypted storage offered by the system.
We should work on it post EIX BBQ alpha in October.
Duplicate of https://github.com/vector-im/element-ios/issues/7358