Database encryption

[alensiljak]

support for encrypted databases.

Not sure about the priority as nowadays most devices support storage encryption and the Dropbox traffic is encrypted with SSL.

There are a few available options for encrypting the SQLite databases:

1. SQLite Encryption Extension
   • wiki
   • Android SQLite Encrypt and original repository. See demo project, which includes compiled libs.
2. SQLCipher
   • SQL Cipher
   • Android docs
   • repo
3. SQLite Android Bindings
   • repo
   • Cordova SQLCipher adapter, 2
4. https://github.com/shenghe/FreeSQLiteEncryption
5. https://github.com/rindeal/SQLite3-Encryption

Additional links in #777 under Xamarin. There are .NET libraries but they also utilize some of the options above.

Current solution / workaround

SQLCipher is using different encryption algorithms/method than the desktop version of MMEX so, while it works on Android, it is not an option at the moment. SQLite Encryption Extension (SEE) require a commercial license and that is also not an option at the moment.

Recommendation

Those who are concerned about privacy can use encrypted containers like TrueCrypt on desktop, and encrypting their device's storage on mobile devices.

Other

Here is Google's response to a request for SQLite encryption support. Status: Won't Fix (Infeasible)

[alensiljak]

Some references below.

SQLCipher

• SQLCipher for Android
• instructions
• SQLCipher: Practical Advice for Building Secure Android Databases in SQLite
• SQLCipher Community Edition

[alensiljak]

Shall we have an issue in respect to the US laws if distributing strong encryption components in this case? See a note in "Practical Advice..." text above.

[AlessandroLazzari]

We already have the solution for the db encrypted. It is a project in the repository, and already tested by me. I have decided not to introduce it in 2.0 because I had to change the references to the application, and all goes very well tested. It will be the biggest news of the version 2.1...IMO we think of when we start to develop that version.

[AlessandroLazzari]

The project is starting and that I have tested is this, if I remember correctly:

https://github.com/moneymanagerex/SQLite-Android-Bindings

Provides the compilation in the NDK, and the use of JNI

[alensiljak]

ah, ok, great! No need to research further, I guess. :+1:

I see, this is similar to what is explained in the first link I posted? Custom build of SQLite with support for encryption enabled.

[AlessandroLazzari]

correct! we will only need that much test

[alensiljak]

Yes. And initially we can leave the database conversion to the desktop version.

[morphiumdeus]

Is there any news on this subject ? I really need this, I'm also willing to help as much as I can... (might not be very much)

[alensiljak]

There is a branch with the initial implementation. It is relatively simple to add but all the objects have to be changed to use the new Cursor type instead of the system one. The crypto libraries also add ~10MB to the app. The important thing to add and test is the password entry screen. The password probably needs to be cached for the content provider to use when opening the database file. There needs to be a new screen for entering the password. Also the workflow needs to be heavily tested for opening the database as a file, for downloading and opening from Dropbox, and quick switching of the recent database files list.

Considering the amount of time required and (relatively) little benefit that the encryption brings, there is noone working on this at the moment. Keeping the device locked with a password and the storage encrypted provides equal, if not better, security. If you wish, please go ahead with the implementation and submit the pull request when done. Thanks!

[Leosirth]

Hello,

I think the benefit of having the DB encrypted are undervalued: the device locked with storage encrypted it's safe for your local file, but having the DB encrypted at source will add a security layer expecially when the DB is "shared" over Dropbox. I will be more confident to share my DB over third party site with this feature.

Just my 2cent,

[alensiljak]

Don't get me wrong. I'm not saying there are no benefits to encryption. What I am saying is that, considering the limited benefits it brings to the app and the fact that there is only one person on the project (me), it is very difficult to find time to fully complete the implementation. There is plenty of work on user support, correcting issues on different devices, and other more important features to occupy at least 2-3 people (there's five pages of requests and suggestions at the moment). As I've said, if anyone is willing to go ahead with the implementation of encryption, please go ahead. I'm all for it. This is an Open Source hobby project. Everyone is wecome to participate and contribute features.

[morphiumdeus]

Can you tell me what branch has the library? I'll see if I can add anything useful.

[alensiljak]

In my copy of the repository (https://github.com/MisterY/android-money-manager-ex) you can find the db-encryption branch. The code is pretty old but demonstrates how to implement the concept. The encryption implementation is relatively simple. All it takes is replacing the Cursor with the one from the library. The actual work will have to be done in prompting for password when required, and caching the password somehow. I guess the password prompt will have to be shown before the OpenHelper even tries opening the database file. Also we have to handle the passphrase, i.e. disable having a passphrase with the encrypted database. I'll help out as much as I can. Currently I'm trying to finalise the Asset Allocation feature. This is quite complex compared to anything else we already have at the moment.

[alensiljak]

I'm happy to start working on this or help in case someone has made any progress on this feature. The initial version of Asset Allocation has just been released to Beta channel and I think the encryption support would be the next big thing to implement.

[morphiumdeus]

I haven't even got the project working in android studio. Still happy to help if I can though... [Edit] It's working now, was just some misconfiguration of the emulator [/Edit]

[alensiljak]

Let me know via email should you need any assistance in setting up the project. There is nothing special, though. Simply clone the repo and open the directory as an Android project. All the dependencies are downloaded automagically during the build.

Being an Open Source project, everyone is more than welcome to participate and contribute. Please feel free to contribute in any way you can/want. Any pull requests are appreciated. There are no specific requirements to being a "member" of the project. Simply look at the source code and the to-do list here on GitHub (also feel free to suggest items) and hack away! :) Also, if you wish to work on this, I think I'll add a separate branch for it so that any updates still can be released for the stable version until this is complete.

[morphiumdeus]

Yeah I think a different branch would be good.

[morphiumdeus]

I tried to enable the encryption support like in your branch, but can't seem to open a emb file. It seems the encryption of wxSQLite3 and sqlcipher is not compatible?

[alensiljak]

The master branch now contains all the code needed to use encryption support, just commented out. The issue is that many problems appear when the encryption support is enabled. Multiple threads reading from the database somehow fail to read the data. There are a few other issues noted in the SQLite documentation.

Compiling a custom version of SQLite and distribute along with MMEX might solve some issues with older devices but adding encryption support has some negative consequences that I'm not sure how to work around at the moment.

Reading files created on the desktop was not an issue, though.

[alensiljak]

SQLCipher added but can't open any encrypted files. Also, it seems that files encrypted with SQLCipher are not the same as the ones encrypted with MMEX. Tried SQLite Manager for SQLCipher desktop file creation.

[J316]

Can the same encryption method KeePass uses be implemented? It's cross-platform and works great!

[alensiljak]

The correct answer depends on what exactly do you mean by that. KeePass 1 is done in C++ and is probably not multi-platform. Keepass 2 is done in .Net. While the .Net implementation could be used after rewriting MMEx in any of the .Net languages, I don't think that KeePass is using SQLite database underneath. So, basically, the answer is no. :)

[alensiljak]

This can only be implemented as a multi-platform (armeabi, arm-v7, arm-v8, x86, x86_64) with SQLCipher.

[howff]

I don't know which encryption algorithm is used by the desktop version but it's possible there's now a free alternative to the SQLite Encryption Extension, such as: https://github.com/shenghe/FreeSQLiteEncryption or https://github.com/rindeal/SQLite3-Encryption

[alensiljak]

Great, @howff , thanks a lot for the info! Hope someone can try and see if a database encrypted on desktop can be opened with any of these.

[ghost]

Looking forward to mmex android being able to read encrypted db. Have been waiting for this very long. Dropbox has SSL, but that does not make it a safe bucket where to place unencrypted files. Local android phones memory also is not (usually) encrypted (even though it is possible in some versions). So we need this feature natively (not as a workaround)... Thank you for the great work you are doing!

[ghost]

Feature still not implemented!

[alensiljak]

Please, feel free to implement it and submit a pull request. It is an Open Source project.

[alensiljak]

@aferhati, my sincere recommendation would be that, instead of "waiting very long" for a feature, you spend that time learning some Java and Android development and add the feature. ;) At least that's what I did when I was missing some features in this app.

[slodki]

wxSQLite3 encryption extension for SQLite3 version 4.x used by desktop MMEX 1.4.0 (since moneymanagerex/moneymanagerex#1547) supports multiple ciphers now. It can use same ciphers as sqleet and SQLCipher.

[alensiljak]

So, a migration to a compatible cipher would be required first for the desktop version.

Then it would take uncommenting a few lines of code to enable sqlcipher in the Android version. And plugging in the password-entry activity back into the workflow.

[slodki]

"compatible cipher" == AES 256 Bit CBC - SHA1 HMAC with default parameters (SQLCipher v3.x)?

[alensiljak]

I believe so. I don't remember seeing any customization options when using SQLCipher on Android. We could try a beta version with that cipher.

[trymeouteh]

This app is great! Once this is implemented it would be perfect!

[user8446]

Hello, Is there an ETA on the timeline for this? Although there are encryption option on the devices themselves, the issue is the data at rest on the syncing platform used. That is what makes this feature so important. Since it is out of my scope to contribute to the code on this, I will donate and maybe we can find a dev with this expertise. I encourage other to as well. Unfortunately, I won't be able to use it until then.

**Update: Until this is handled naively in the app, I am accomplishing this by syncing through MEGA, which provides the end-to-end encryption, and works great. See #1311 for details

[CraftingGamerTom]

@MisterY Do you have a link to that branch? I dont see if on your fork (I understand this thread is from years ago). Could you also provide a quick status update if its not too much to ask?

[alensiljak]

The code is just commented out. It's not a separate branch. You will need to check the instructions for how to use it and then uncomment the lines which use these libraries and comment out the lines which use the default SQLite libraries.

[howff]

Tag https://github.com/moneymanagerex/android-money-manager-ex/releases/tag/2024.02.26.1020 Beta: Encryption with SQLCipher v4 cipher (a.k.a AES256CBC)

• MMEX4Desktop is still AES128CBC
• Opening the last encrypted file after the app restart is not well supported yet.
• App generated file would be opened via SQLCipher v4 and wxSQLitePlus.

[guanlisheng]

thanks @howff for linking this.

ALL, i am going to close this ooold ticket and wait for MMEX4Desktop upgrades to AES256 from AES128