Encryption of Backup - Which KDF/values are used?

Hello there,

I just wanted to ask of someone here knows what encryption the password protected backup option uses. I assume it’s common AES, but what about the KDF. Is it the default iteration count or the one you set in the web vault?


For password protected backup PBKDF2 at 100k iterations is used. The format includes support for storing kdftype and iterations, so adding configuration support isn’t too hard. In fact I have a PR open that implements setting it to the user account’s KDF settings, though I guess at this point it needs a rebase and slight adjustment for argon2’s extra parameters. PR is here:

1 Like

Actually, I just checked for the latest master branch, since default PBKDF2 iterations were bumped up to 600k, the export iterations have also been statically set to 600k. I.e in the next release, if the user has a higher iteration count, or argon2, this would still be at 600k rounds of pbkdf2.

1 Like

Thanks @Quexten