[Android] The default encryption algorithm with CBC-mode could be not secure any longer

My security team asked me to replace the default CBC-mode with GCM-mode to encrypt the application DB in our android app. As the argument, they pointed to this article from Microsoft CBC decryption vulnerability | Microsoft Learn.

Is this something that is also applicable to the android databases? How can I replace the encryption mode?

Hello @ezino,

Thanks for reaching out about this. While SQLCipher utilizes CBC mode, it includes [1] a per-page initialization vector and HMAC by default so it should not be considered vulnerable to the timing attacks described in your link. The use of the HMAC explicitly ensure the integrity of the plaintext before decrypting, and it does not use padding which is a prerequisite even without integrity protection. SQLCipher does not allow for runtime modification of the cipher, a custom build would be required and would limit compatibility with other SQLCipher-encrypted databases. If your organization is interested in a custom build of SQLCipher per your requirements, we offer those services under our Enterprise licensing. Please feel free to reach out directly if interested in discussing further.

  1. SQLCipher Design - Zetetic ↩︎