On March 10, 2021, an update to the client-side encryption was released on the DRACOON cloud as part of a new DRACOON version, which makes DRACOON's client-side encryption even more secure. This is achieved by encrypting file keys, personal decryption passwords, and emergency passwords with 4096-bit keys instead of 2048-bit keys. As part of the change, DRACOON end users and administrators have to re-enter their personal decryption passwords or emergency passwords once.
Below you will find more information about this change.
What exactly does change in the update of the client-side encryption in DRACOON?
From the point of view of users and administrators, nothing fundamental changes when using the updated client-side encryption in DRACOON. However, the keys for files in encrypted data rooms, the emergency passwords for individual data rooms, the DRACOON-wide emergency password, and the personal decryption passwords of the individual users are stored in DRACOON with stronger encryption—with keys of 4096 bits instead of 2048 bits as before.
Why does DRACOON now encrypt file keys etc. with 4096 instead of 2048 bits? Are 2048 bits no longer sufficient for security?
The German Federal Office for Information Security (BSI) still considers 2048-bit keys, as used by DRACOON in the past, to be secure for asymmetric encryption methods until the end of 2023, but recommends increasing the key length to at least 3000 bits afterward. The reason: it cannot be ruled out that by the end of 2023, considerably more powerful computers will be available with which key lengths below 3000 bits could be cracked.
With its encryption update, DRACOON goes one step further than the BSI recommendation and even increases the key length to 4096 bit—which means that DRACOON's client-side encryption will be future-proof for at least the next 10 years.
See also: Technical Guideline TR-02102
Will working with encrypted files become noticeably slower by increasing the key length?
Calculations with 4096-bit keys are generally more expensive than with 2048-bit keys, which increases the calculation time accordingly. How noticeable the difference is for the user, for example in the DRACOON Web App, depends on the web browser used. When uploading to an encrypted data room, there is hardly any difference compared to 2048-bit keys in Chrome, the new Microsoft Edge, or Firefox (just milliseconds). When downloading, the difference is somewhat greater, but in practice it is hardly noticeable (typically 0.2 seconds of calculation time for one file key per file download, e.g. in Chrome, the new Microsoft Edge, or Firefox). Since the change only affects the file keys and not the files themselves, file size is irrelevant.
Do DRACOON administrators and users have to perform any actions to be able to use the new key length of 4096 bit or does the conversion happen automatically?
It is not possible to update the existing keys in DRACOON from 2048 to 4096 bits automatically. Recalculating the keys at 4096 bits requires the passwords associated with the existing keys, and these passwords are not stored in DRACOON, so they cannot be used automatically for the recalculation; they therefore have to be entered once by the corresponding DRACOON users.
- To change the system-wide emergency password key to 4096 bits, a user with the Configuration Manager role needs to re-enter the system-wide emergency password once. Alternatively, a new system-wide emergency password can be specified, which was not possible before.
- Each encrypted data room can have its own data room emergency password as an alternative to the system-wide emergency password. To change the existing data room emergency passwords to 4096 bits, a room administrator of each top-level encrypted data room must re-enter the existing emergency password of the data room or, alternatively, specify a new emergency password for the data room. This is only required for top-level encrypted data rooms, not for encrypted subrooms.
- To change the keys of the individual files in encrypted data rooms to 4096 bits, users of encrypted data rooms must enter their existing personal decryption password once. They can also change their password at this opportunity if desired.
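To show why the re-encryption cannot happen without the user's password, here is an added Go example; it is not DRACOON code and does not reproduce DRACOON's actual key format. It assumes a simplified scheme: each file has an AES key that is RSA-OAEP wrapped to the user's public key, the user's private key is stored sealed under a password-derived key, and migration unwraps the file key with the old 2048-bit private key and re-wraps it under a fresh 4096-bit key pair.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
)
// aead builds the private-key sealing cipher from password and salt. Hypothetical simplification: one salted SHA-256 stands in for a real password KDF (PBKDF2, Argon2).
func aead(password string, salt []byte) cipher.AEAD {
	k := sha256.Sum256(append([]byte(password), salt...))
	block, _ := aes.NewCipher(k[:])
	g, _ := cipher.NewGCM(block)
	return g
}
// NewKeyPair returns the public key in the clear and the private key as salt || AES-GCM(DER),
// sealed under the password, which the service never stores. The fresh salt also supplies the nonce.
func NewKeyPair(bits int, password string) (*rsa.PublicKey, []byte) {
	priv, _ := rsa.GenerateKey(rand.Reader, bits) // cannot fail for 2048/4096 with the system RNG
	salt := make([]byte, 16)
	rand.Read(salt)
	ct := aead(password, salt).Seal(nil, salt[:12], x509.MarshalPKCS1PrivateKey(priv), nil)
	return &priv.PublicKey, append(salt, ct...)
}
// WrapFileKey (upload path) RSA-OAEP encrypts the per-file AES key to the user's public key.
func WrapFileKey(pub *rsa.PublicKey, fileKey []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fileKey, nil)
}
// UnwrapFileKey (download path) unlocks the sealed private key (a wrong password fails the GCM tag check), then decrypts the wrapped file key.
func UnwrapFileKey(sealed []byte, password string, wrapped []byte) ([]byte, error) {
	salt := sealed[:16]
	der, err := aead(password, salt).Open(nil, salt[:12], sealed[16:], nil)
	if err != nil {
		return nil, err
	}
	priv, _ := x509.ParsePKCS1PrivateKey(der) // the DER was authenticated by GCM, so it parses
	return rsa.DecryptOAEP(sha256.New(), nil, priv, wrapped, nil)
}
// Migrate re-wraps one file key under a fresh 4096-bit pair. Only the password unlocks the old
// private key, so the service cannot perform this step on its own; the user has to supply it.
func Migrate(oldSealed, wrapped []byte, password string) ([]byte, []byte, error) {
	fileKey, err := UnwrapFileKey(oldSealed, password, wrapped)
	if err != nil {
		return nil, nil, err
	}
	pub, sealed := NewKeyPair(4096, password)
	rewrapped, err := WrapFileKey(pub, fileKey)
	return sealed, rewrapped, err
}
```

Because an RSA-OAEP ciphertext is exactly as long as the modulus, the wrapped file key grows from 256 to 512 bytes after migration, while the file itself is untouched.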
How are users in DRACOON made aware of the actions required to switch to 4096-bit keys?
For all affected users, a task is displayed at the top of the DRACOON Web App, prompting them, for example, to enter their personal decryption password. The task remains visible even after the DRACOON Web App is closed and is shown again when the Web App is reopened, until it is completed.
Users of DRACOON for Windows/Mac version 4.3 or later who have stored their decryption password there may not be prompted to re-enter it in the Web App, because DRACOON for Windows/Mac may already have converted their file keys to 4096 bits automatically using the stored decryption password.
Room managers get a prompt when entering an affected encrypted room to re-enter the room emergency password so that it can be converted to 4096 bits.
Configuration managers see an additional task after login to re-enter the system-wide emergency password for conversion to 4096 bits.
What happens if users ignore the tasks required to convert the file keys, such as not entering their decryption password?
In this case, the existing file keys (2048 bit) automatically continue to be used.
However, users of the DRACOON Web App were already prompted in previous versions to enter their decryption password when opening the first encrypted data room in a session. Without entering the decryption password, for example, no new files can be uploaded to encrypted data rooms. Therefore, it can be assumed that users regularly enter their decryption password in the DRACOON Web App anyway (provided they have access to encrypted data rooms).
Are the new 4096-bit file keys also supported by other DRACOON clients than the DRACOON Web App?
Yes, updates that can use the new 4096-bit file keys have been released for all official DRACOON clients. The following versions of the DRACOON clients support the new 4096-bit file keys:
- DRACOON for Windows/Mac version 4.3 or later
- DRACOON for Outlook version 5.11 or later
- DRACOON for iOS version 6.1 or later
- DRACOON for Android version 5.10 or later
If you use encrypted data rooms and have installed an older version of DRACOON for Windows/Mac than 4.3 or an older version of DRACOON for Outlook than 5.11, you must update your installed versions to continue working with encrypted data rooms.
For developers of custom DRACOON solutions, updated versions of the Crypto SDKs for DRACOON have been made available with support for 4096-bit file keys.
Are the changes also relevant if no encrypted data rooms are used and the encryption for the DRACOON environment is not activated in Settings?
If you currently do not use encrypted data rooms and have not activated encryption for your DRACOON environment in Settings, no action is required from you or your users in the course of the conversion. If you enable encryption later, all keys will be generated automatically with 4096 bits.
Why was the increase of the key length from 2048 to 4096 bit not done earlier by DRACOON?