Bad encrypted message recieved

[shenki]

Successfully exchanged a few push messages with a TextSecure 2 user. However, then messages stopped being correctly received by my client. They say "Bad encrypted message...". The same is happening on their end; my messages are being received but showing the same error message.

I'm on Nexus 5 running Android 4.4.2, with TextSecure 2.0.1 and now TextSecure 2.0.2. The bad encrypted message was seen with both version of TS.

A pastebin that includes at most one bad transfer is at http://hastebin.com/mobiqikegi

[lablans]

@MPSMPS We can't be sure until someone who knows his way around a) the code and b) the protocol looks into this, but yes, from my "blackbox perspective" it seems you made the right observation:

1. Message A: content
2. Message A: (bad encrypted, same sent timestamp as Message A)
3. Message A: (bad encrypted, same sent timestamp as Message A)

Numbers 2 and 3 are "echoes" (case 3). That's what my brother experiences once a day or so. Unfortunately he can't take debug logs on his device.

---

1. Message B: (bad encrypted, same sent timestamp as Message B)
2. Message B: (bad encrypted, same sent timestamp as Message B)
3. Message B: (bad encrypted, same sent timestamp as Message B)

I guess numbers 2 and 3 are again "echoes" (case 3), and number 1 is a "single" (case 4). So yes, a combination of cases 3 and 4.

[SevenFactors]

Reporting a change on my Bad encrypted message..." experience

After installing version 2.0.5 and refreshing/reestablishing the secure connection between phones. Messages stated to be sent/received. After 4 days of testing I have come to notice the following behavioral changes.

Either: The message comes through and are decoded without issue. Or: the message arrive but is presented as "bad encrypted messages..." Not like before where Iwould be the decoded message and echoed two bad encrypted messages.

This is the one scenario in which I can say refreshing the keys does indeed make a differences. I refreshed the keys and I've manage to go a day or two without receiving a single bad encrypted message. Yay!! ^_^

I hope to never see them again. If I do, as I see some of you still are, I will be sure to report it here.

[MPSMPS]

After I did some tests (see #1182) it seems to help to add a password to TextSecure. I always had a password for TextSecure and never had any problems with bad encrypted messages (especially case 4). Some of my contacts had problems with bad encrypted messages and I recommended to add a password for TextSecure and since then there were no bad encrypted messages (at least no case 4). Can someone else confirm this?

I only had problems after I killed the KeyCachingService-service. Is it possible that Android sometimes kills this service when no password is set!? Also some of my contacts that never had problems have more powerful smartphones than the contacts with the problems. So, possibly another indeed for killing a service!?

[chuegel]

Same issue with one of my contacts. Initial communication went well for a while then the other side couldn't decrypt my messages anymore.

[McLoo]

Testing by sending messages to myself also ends After some successful tries in Bad encrypted. In Addition i cant deactivate encryption... The received message Says message for non encrypted chat

When sending again it sends encrypted. (Not bad)

Maybe the log helps: http://hastebin.com/jasagufaho

I have no password set

[alxndr42]

One of my contacts is occasionally getting this error, the conversation has been going on for a while.

Debug log: http://hastebin.com/hesudojora

The "old counter" exception is there, but also some other ones.

[lablans]

@MPSMPS I don't have a second device right now to double check, but it seems you are right about the passphrase: https://github.com/WhisperSystems/TextSecure/commit/e8506563df7b20f796de907b62d0346dcdf02fd0

Also check the previous commits in the protocol branch.

[MPSMPS]

@vascorppor I don't know if I understand this piece of code, but I is moxie setting a dummy password in case of that the password is disabled? What does MasterSecretUtil.UNENCRYPTED_PASSPHRASE contain?

This weekend I will download the full code and have a look at it but I think I won't understand much.

[alxndr42]

Looks like content on Hastebin disappears within 24 hours.

Here's the log again on Pastebin: http://pastebin.com/i9b7uzYJ

[alxndr42]

Another one from the same contact: http://pastebin.com/acnEKgR5

The same exceptions "Received message with old counter", "Input too small" and "Recipient List Is Empty" appear.

[alxndr42]

Could be @tjharman is onto something with duplicate messages sent by Google: https://stackoverflow.com/questions/15102055/gcm-duplicated-messages

Eventual consistency FTW?

[moxie0]

This is fixed in the 'protocol' branch, which will be merged into the next release. There are a couple of different fixes there:

1. If two parties simultaneously send each-other a message for the very first time ever, the clients would end up in a bad state for every subsequent message.
2. If a message was duplicated by GCM, it'd display "bad encrypted message" for the second one, rather than ignoring it.
3. There's a bug in the way that messages are processed on clients without a passphrase set (thanks to whoever discovered killing KeyCachingService trigger that).

All three cases should be fixed in that branch, so hopefully nobody will ever see "bad encrypted message" after the next release.

[voidzero]

Lately I saw the following related issue on my CM11/Android Kitkat phone: someone sends me a message which displays correctly in the notification area, but in the actual conversation window it gives me Bad encrypted message.

[moxie0]

Thanks everyone, this should now be fixed in 2.0.6

[fiesh]

For a TextSecure conversation of mine, this just started happening. My peer can still read my messages, but all the messages she sends are just shown as Bad encrypted message for me.

The debug log is under https://gist.github.com/58bb3a19b59c291c6c33

[moxie0]

@fiesh Did one of you use titanium backup?

[voidzero]

@fiesh you can try to end the session on both ends (click the lock button, at the top right). That fixed it for me a good while ago.

[fiesh]

@moxie0 No, I don't even know what that is. @voidzero Thank you, I'll try as soon as I get the chance!

[aetherfaerber]

Experiencing this issue on Signal 4.25.10 after restoring from a backup (oandbackup). Strangely, I can communicate just fine with some contacts but with most I and them only get the “bad encrypted message” error.

[haffenloher]

@aetherfaerber let's not use the issue tracker for support questions. We'll be happy to help you over at the community forum. No need to register, you can use your GitHub account to login. (Also, don't use oandbackup! Signal has its own backup functionality under Settings > Chats and media > Backups)