Security

This page describes in detail how things are done in SafeCamera, so that end users and IT professionals can understand how it works and thus have more trust in it.

Once something has been written to the disk it is very hard to delete it in a way that makes it impossible to recover, so SafeCamera never writes anything unencrypted to the disk unless you explicitly tell it to. SafeCamera uses its own camera module that interacts with the device's hardware directly, captures the bits coming from the camera, encrypts them on the fly, and writes only encrypted data to the disk. Be warned that when you tell SafeCamera to share a photo decrypted, SafeCamera decrypts the photo and writes the decrypted copy to the disk so that it can be passed to other applications (such as Facebook or Gmail) for sharing; that copy is then subject to the recovery problem described above.

Crypto

SafeCamera uses AES with a 256-bit key in CBC (cipher-block chaining) mode with PKCS7 padding. The encryption/decryption key is derived with the PBKDF2 algorithm using 2048 iterations.

Key Derivation

Because every file that SafeCamera creates is encrypted individually and has its own unique salt, which is saved in the file, this key derivation process happens for every single file you encrypt or decrypt. This makes the .sc files that SafeCamera creates fully portable.

The user enters the master password and logs into the application. On login SafeCamera computes the SHA-512 hash of the password and keeps it in memory; this hash is the actual password used for deriving crypto keys later. When creating a new encrypted file, SafeCamera generates a random 256-bit salt that participates in the key derivation process. The salt is stored with the file so that the same key can be derived again when that file needs to be decrypted later.

The SHA-512 hash of the user's password and the random salt are passed through PBKDF2 with 2048 rounds, which produces the AES encryption/decryption key used for that particular file. Once the operation completes, the derived key is deleted from memory; it is never written to the disk.

Storage

Of course you will ask how the master password is checked for correctness on login. When the user opens the application for the first time, SafeCamera asks them to set up a master password. Once the password has been entered twice correctly, SafeCamera computes the SHA-512 hash of the password, concatenates the result with the plain-text password, and hashes that with SHA-512 again. Only the final result of these two hashing steps is saved. Because the SHA-512 hash of the password is the actual password for PBKDF2, it is never saved on the device. This ensures that if, for example, you lose your device, an attacker who gains full access to all information on it cannot obtain or work out the decryption key or the password needed to decrypt the files stored in the SafeCamera folder on the SD card. Hashing twice in this way makes it impossible for an attacker to ever get your encryption password, while still allowing SafeCamera to check the validity of the password entered on login.
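The key-derivation and password-check scheme described in the Key Derivation and Storage sections above, as an added Python example written for this page (not SafeCamera's own code). It assumes the raw SHA-512 digest is used as the PBKDF2 password and that the PBKDF2 PRF is HMAC-SHA256, neither of which the page states; the AES-256-CBC file encryption step is omitted because it needs a cipher outside the standard library.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 2048   # as stated on the page
SALT_BYTES = 32        # 256-bit per-file salt, as stated on the page
KEY_BYTES = 32         # AES-256 key length
PBKDF2_PRF = "sha256"  # ASSUMPTION: the page does not name the PBKDF2 PRF


def login_secret(password: str) -> bytes:
    """SHA-512 of the master password: kept only in memory, never on disk.
    ASSUMPTION: the raw digest (not a hex string) is the PBKDF2 password."""
    return hashlib.sha512(password.encode("utf-8")).digest()


def stored_verifier(password: str) -> bytes:
    """The only value written to disk at setup: SHA-512(SHA-512(pw) || pw)."""
    return hashlib.sha512(login_secret(password) + password.encode("utf-8")).digest()


def check_login(password: str, verifier: bytes) -> bool:
    """Recompute the verifier from the entered password; constant-time compare."""
    return hmac.compare_digest(stored_verifier(password), verifier)


def new_file_salt() -> bytes:
    """Fresh random 256-bit salt, generated per file and stored inside it."""
    return os.urandom(SALT_BYTES)


def derive_file_key(secret: bytes, salt: bytes) -> bytes:
    """PBKDF2(SHA-512(password), per-file salt, 2048 rounds) -> 256-bit AES key."""
    return hashlib.pbkdf2_hmac(PBKDF2_PRF, secret, salt, PBKDF2_ROUNDS, dklen=KEY_BYTES)


def demo() -> dict:
    """Setup, login and two per-file derivations with a constructed sample password."""
    password = "correct horse battery staple"   # constructed sample value
    verifier = stored_verifier(password)        # the only thing on disk
    secret = login_secret(password)             # in memory after a successful login
    salt_a, salt_b = new_file_salt(), new_file_salt()
    key_a, key_b = derive_file_key(secret, salt_a), derive_file_key(secret, salt_b)
    return {
        "login_ok": check_login(password, verifier),
        "wrong_password_rejected": not check_login("correct horse", verifier),
        "keys_differ_per_file": key_a != key_b,
        "key_reproducible_from_salt": derive_file_key(secret, salt_a) == key_a,
        "verifier_is_not_pbkdf2_input": verifier != secret,
    }
```

The stored verifier is two fast SHA-512 computations, so its resistance to offline guessing by someone holding the device rests entirely on the strength of the master password.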