diagnostics / checkup not safe?

francois

Hello
I just installed a private version of cryptpad 5.6.0 (debian/12, nginx/1.24.0) and it looks like the diagnostics function is not safe (see screenshot attached):

it is accessible to anyone with the link https://cryptpad.mydomain.com/checkup/ (no login required)
it exposes the customized application_config.js file (including a customized login salt)

Did I do something wrong?

thanks in advance

François

Mathilde

Hello François,

Thanks for reaching out on our community forum and your interest in CryptPad!

It's perfectly normal to have the /checkup page publicly available. CryptPad has been designed to protect the privacy of the users of the service. Hence, the free accessibility to the checkup page for them to also know if the instance they are about to register on is properly setup.
Same for application_config.js modification. Some changes in this file can modify CryptPad's behavior and/or introduce bugs. We think it's important that end users are able to be informed of the state of the service and not kept in the dark.

Security by obscurity is no security at all. Transparency and following best practices and guidelines as defined in our very complete administrator guide is the way to go.

Regarding your

49 / 55 tests passed.

Every error show below the message you shared the screenshot is meant to be self-explanatory. To be able to help you we'd either need:

Your instance URL, or
The full screenshots of all the errors

Then depending on what we see, it'll be useful to see:

Your config.js
Your Nginx configuration file

Looking forward to your feedback!
Have a good day and happy new year! 🙌🏻

francois

Thanks Mathilde,
I appreciate your prompt response.
I am not worried about the warnings (it's about "missing attributes which provide better previews on social media sites and messengers" - looks fixable) and I am all for transparency and supportive of the notion that, once you make available functionalities, you need to demonstrate that you do it properly! This is one of the reasons why I am testing cryptpad.
My concern is that the link to /customize/application_config.js in the checkup analysis exposes my customized loginSalt, which I don't think is a good idea.
Otherwise, great tool and easy (enough) to install - some additional posts in the forum to come.
All the best and a great 2024 to the Cryptad team!
François

Mathilde

francois My concern is that the link to /customize/application_config.js in the checkup analysis exposes my customized loginSalt, which I don't think is a good idea.

Thanks for your feedback @francois! I'm sorry I missed this part in your original message, it's indeed a different thing. I will bring this up to our developers on our next team meeting.

Fabrice

Hello,

Long story short, this is not an issue given the way CryptPad works.

More precisely, in order to log-in, the client never sends their credentials directly, but the output of a key derivation function (KDF) based on their login, password and, if defined, the instance loginSalt.

This implies that in any case, the loginSalt is exposed to the client (otherwise they cannot log in), thus making this information public about the instance: it’s not a security issue to have it available.

Usually, salting is used in case of database leaks, where pre-established associative tables cannot be used to obtain passphrases from their digest. Here the same can be applied as, if one is using the same login-passphrase on multiple instances, and the data storage of these instances get compromised, it won’t be easy to verify that the user is present on both instances (even intractable only from the login as it’s not known from the server). Finally, the use of a KDF renders the cost of brute-forcing unattractive to malicious adversaries.

For a more technical and formal answer, you can refer to the CryptPad White paper, “Section 6.1: Registration and login” and “Section 2: Threat model”. And the explanations about the purpose of salting in CryptPad is detailed in the documentation.

Mathilde

Thanks for your detailed answer @Fabrice and sorry for the delay getting back to you @francois!