Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Need help to understand to understand encryption. #409

Open
AdityaPahilwani opened this issue Jun 16, 2022 · 13 comments
Open

Need help to understand to understand encryption. #409

AdityaPahilwani opened this issue Jun 16, 2022 · 13 comments

Comments

@AdityaPahilwani
Copy link

Thanks a lot for creating this super-fast storage library.

I was exploring encryption with MMKV and have some doubts, would be really grateful if you can help me with the same.

While creating an instance of MMKV we give one encryption key, and we provide a unique key which is 99% the same throughout app lifecycle

const encryptionKey=NativeFunctionToRetrieveUniqueID();
// for ex encryptionKey value is mmkv-is-great
export const Storage = new MMKV({
	id: `storage`,
	encryptionKey: encryptionKey,
})

now if by any chance NativeFunctionToRetrieveUniqueID gives another key which is not the same key which was used to create the instance.

const encryptionKey=NativeFunctionToRetrieveUniqueID();
// for ex encryptionKey value is 'mmkv-is-fast' instead of last used key which was 'mmkv-is-great'
export const Storage = new MMKV({
	id: `storage`,
	encryptionKey: 'encryptionKey',
})

As the encryption key is changed would it do any harm? like data is getting failed to read or any possible harm?

@mrousavy
Copy link
Owner

I think if the encryption key is not the same it simply cannot read the data and will overwrite it if you try writing to it. So your data will be lost if you lose your encryption key.

@MCervenka
Copy link

@mrousavy I was hoping that it would work as you suggested, but it looks like it doesn't work at all. I initialized the MMKV storage with one encryption key, then wrote to it. Then close the app, and open it initializing MMKV with different encryption key, but I was still able to read data from previous instance.

@MCervenka
Copy link

I would expect to get undefined

@MCervenka
Copy link

So i found where does my MMKV storage stores the files inside my iphone simulator and the encryption works! :)

The way I understand how this works is, that the mmkv storage needs the secret key from us only for starting the encryption. Then we can lost it, because mmkv storage stores the key inside phones keychain. So when we use the storage next time with different secretKey, the storage, I guess, retrieve the old data with an old key and then rewrite them with new key?

Anyway thank you for the awesome library. It is a big relieve to have sync storage that is so fast.

@mrousavy
Copy link
Owner

mrousavy commented Aug 4, 2022

Oh so the new key doesn't even get used? Then I need to change the API? 🤔

@AdityaPahilwani
Copy link
Author

@MCervenka To check MMKV file, you can do this

// open terminal
// adb shell
// cd /data//files/mmkv
// ls
// cat fileName

@AdityaPahilwani
Copy link
Author

@mrousavy I checked it and @MCervenka is correct, storage works the same if keys changed on the fly

@asami95
Copy link

asami95 commented Sep 5, 2022

@AdityaPahilwani Can you explain how you change the key on the fly, please?

@Nantris
Copy link

Nantris commented Nov 5, 2022

Is this issue still outstanding, or do updated encryption keys work as intended now?

@mrousavy
Copy link
Owner

mrousavy commented Nov 8, 2022

This is related to the core MMKV library, not my react-native-mmkv wrapper.

@adenyx
Copy link

adenyx commented Nov 22, 2022

So i found where does my MMKV storage stores the files inside my iphone simulator and the encryption works! :)

The way I understand how this works is, that the mmkv storage needs the secret key from us only for starting the encryption. Then we can lost it, because mmkv storage stores the key inside phones keychain. So when we use the storage next time with different secretKey, the storage, I guess, retrieve the old data with an old key and then rewrite them with new key?

Anyway thank you for the awesome library. It is a big relieve to have sync storage that is so fast.

Hi, @MCervenka
Could you share where I can find MMKV storage files? I can't check does my encryption works.

@nicholascm
Copy link

xcrun simctl get_app_container booted your.package.name data if you are running on an iOS simulator, then go to that directory. Inside of Documents you can see mmkv and inside of there are files. Doing cat ___ on an unencrypted file will show u the contents.

@bfricka
Copy link

bfricka commented Aug 3, 2023

I'm using 2.5.1 (I can't upgrade RN quite yet), and this isn't what happens to me at all. Instead, I have a separate issue: If I write with one encryption key and try to instantiate MMKV with a different key, an error is thrown. I can't recover from this, because I have no way to clear the previously encrypted file, since I can't instantiate MMKV.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

8 participants