Encrypted configuration file

The CoyIM configuration file contains a large amount of sensitive data, including the passwords to your XMPP accounts if you decide to save them. It also contains all your OTR private keys, and the fingerprints for all your contacts. If anyone could read this file or modify it, it could compromise the security of CoyIM. The developers of CoyIM always recommends that you use an encrypted hard drive to protect against these kinds of threats. But sometimes you don’t have that possibility, and sometimes it might not be enough. For this reason, CoyIM gives the option to store the configuration file in an encrypted form, protected by a password.

If you choose to store the configuration file encrypted, you have to be aware that the password can not be recovered if you lose it. CoyIM generates the encryption keys for the configuration file directly from the password, which means that if the password is lost, the encryption key is also lost.

From a technical standpoint, CoyIM uses the scrypt algorithm to convert the main password into the encryption keys for the configuration file. The parameters are chosen so that each attempt at decrypting the configuration file will take between 0.5 and 3 seconds. The cost factor (N) is set to 2 ** 18, the block size parameter (r) is set to 8 and the parallelization factor (p) is set to 1. However, these parameters are all possible to tune easily, and the code obviously doesn’t depend on them. We also use a salt for the scrypt key generation.

Once we have the output from scrypt, we divide it into an encryption key and a MAC key. We also use a nonce - a number used only once, which is not private. With these parameters, we encrypt and decrypt the data of the configuration file using AES-256 and the GCM cipher mode, to allow for integrated authentication of the cipher text.

All in all, if the configuration file is encrypted, it is quite well protected, both from cryptanalytic attacks, but also against brute-force attacks against the password.