By Häst


2012-10-18 19:14:25 8 Comments

I just bought Titanium Backup and set up a scheduled encrypted backup of user+system apps and data, followed by Dropbox sync. Assuming I remember the passphrase, is all the data required for restoration backed up? Or do I have to manually backup the private key and encrypted symmetric key?

3 comments

@Conrado 2014-12-31 17:11:26

As @Dakatine hints, the master key is pre-pended on the file, which is then concatenated by encrypted content.

I didn't bother researching the TB_ARMOR_V1 file format, because someone already has made a python command line tool https://github.com/phyber/TiBUdecrypter

@Dakatine 2013-09-19 11:45:28

The FAQ of Titanium Backup about crypthography states that you just need the passphrase to recover any backup. That must mean that the private key file is stored along with all of your backups, because it could never work in any other ways. The big problem with that FAQ is that it should states this explicitly IMHO so to make things clearer for us users.

I took a peek at the first bytes of some backupped file (I am talking about the application data here, because Titanium Backup does not backup apks period), guess what I saw?

I found the very same ASCII sequence in the first lines of the backup files: those files are named something.gz but they are actually not gzip files (because of the key that has been put in front of them. Gzip files begin with hex codes 1F 8B 08. Those files do not).

If you run Linux and want to check it out, download two of your backups on the PC and try this command, that shows the first four lines of the file:

$ head -n 4 cgeo.geocaching-20130919-000250.tar.gz

My output is:

TB_ARMOR_V1
0w5AkcCA9rGtSy3Ecrag19p/FYQ=
BNpyGZq/PQYmpDXkXwji2lQGIQY=
MIGfMA0GCSqGSIb3DQEBAQUAA5GNADCBiQKBgQDWLUH3i295TA9XwPgbzwXEk/0eqowW2xcoxbOQo7NYeqGvctC7dNM33CEh+az25Wj2iTo+kzdIpwM7Y6o5vjW+D/yBCv9nDV1+HLNyut3GDQon84yR6BlgbQJT5QoIra5f6FN+wtqF5/ifW88nzuia2fUOv/IqRVQhHxIY7LPkMQIDAQAB

Quite odd for a binary file, isn't it? By the way that must be, yes, my TB private key enciphered with my passphrase. I don't give a thing about sharing it because you would need my backup files and my passphrase as well, to get anything useful out of.

Now, if you run run the same command on a different backup file:

$ head -n 4 com.amazon.kindle-20130919-000004.tar.gz

Guess what? You'll get the same s*it!

TB_ARMOR_V1
0w5AkcCA9rGtSy3Ecrag19p/FYQ=
BNpyGZq/PQYmpDXkXwji2lQGIQY=
MIGfMA0GCSqGSIb3DQEBAQUAA5GNADCBiQKBgQDWLUH3i295TA9XwPgbzwXEk/0eqowW2xcoxbOQo7NYeqGvctC7dNM33CEh+az25Wj2iTo+kzdIpwM7Y6o5vjW+D/yBCv9nDV1+HLNyut3GDQon84yR6BlgbQJT5QoIra5f6FN+wtqF5/ifW88nzuia2fUOv/IqRVQhHxIY7LPkMQIDAQAB

This simply could not be a coincidence. :) From a certain point onward everything in backup files finally becomes binary. This behavior makes a lot of sense because that would mean that we can only share the backup files and forget about everything - with the passphrase, we can recover our backups, period.

Still, I really think that the developer should document a procedure about how to recover our own legitimate data (we know the passphrase, so it's us!) from any computer with a decent crypto tools set (read: OpenSSL).

@Schwertspize 2015-09-02 08:45:24

it's not that crazy to store the keys in the header of files, but normally not the same keys. normally you have got a file encryption key (FEK, it's one per file) which is stored in the file header and get encrypted by the master key. normally also the master key gets generated using the passphrase so you pipe the passphrase through some SHA or better bcrypt or scrypt or PBKDEF2 and get the private key from that. so actually you only store the FEK and meta data like key length in files.

@Danilo Bargen 2015-09-21 08:25:49

This means that having an encryption key stronger than your passphrase is useless.

@Stephen Schrauger 2012-10-19 16:29:22

You only need to remember the passphrase. I've done this before.

If you're worried, you could always create a nandroid backup of your entire system, then wipe and install a custom rom. Install TB, and try to restore an app with just a passphrase. If it needs something you lack, then you have your answer and can go back to recovery and restore the nandroid. But as I said, I have done this process already and know that the password is all that is needed.

Related Questions

Sponsored Content

0 Answered Questions

10 Answered Questions

[SOLVED] Titanium Backup "insufficient free storage space" error

1 Answered Questions

1 Answered Questions

How does Samsung implement SD card encryption?

1 Answered Questions

[SOLVED] How to restore from Titanium Backup with file on computer?

  • 2016-08-20 09:13:38
  • Celeritas
  • 4169 View
  • 0 Score
  • 1 Answer
  • Tags:   titanium-backup

0 Answered Questions

Why are apps excluded from Titanium Backup?

  • 2016-08-16 06:05:45
  • beeshyams
  • 96 View
  • 0 Score
  • 0 Answer
  • Tags:   titanium-backup

1 Answered Questions

Xiaomi becomes buggy after I restore tons of apps from titanium backup?

  • 2016-03-08 03:05:23
  • user4951
  • 466 View
  • 0 Score
  • 1 Answer
  • Tags:   titanium-backup

1 Answered Questions

Sponsored Content