27

Suppose I use KeePassX as a password manager, and I store the kdb file in a SparkleShare folder as a way of backing up and syncing with multiple devices.

The kdb file in itself would be encrypted, but if someone stole the git repo, they technically would have many versions of the same file with minor variations. Would that in any way reduce the security of the file?

2 Answers

22

If the encryption algorithm in question is weak against a ciphertext-only attack, having multiple variants of an encrypted file might allow an attacker to decipher the ciphertext.

All strong encryption algorithms, including AES, aren't susceptible to such attacks. You should be fine.

3
  • 1
    Just to add to what Terry said, this is not something you should worry about. It's a little bit like worrying about being hit by a meteor while you drive... and talk on your phone... drunk. Commented May 13, 2013 at 12:54
  • 1
    It does open you up to implementation bugs though. If poor entropy is used for selecting the IV then you start to run into possible collisions there. Commented May 13, 2013 at 16:03
  • A factor to consider in general is compression and any patterns that may create; however, specifically for KeePass this is not likely to come into play. Commented May 13, 2013 at 22:03
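
The comment above about IV selection can be checked on your own history. This is an added example, not part of the original answers or of KeePassX: it reads the header of each stored version and reports any IV or master seed that repeats. It assumes the KeePass 1.x `.kdb` header layout (124 bytes, little-endian) and that both values are regenerated on every save; the function names and sample data are constructed for illustration.

```python
import struct
from collections import defaultdict

# KeePass 1.x (.kdb) fixed header: 2 signatures, flags, version, master seed,
# encryption IV, group/entry counts, contents hash, transform seed, key rounds.
# Layout is an assumption taken from the KeePass 1.x format, not from this page.
KDB_HEADER = struct.Struct("<4I16s16s2I32s32sI")
KDB_SIGNATURE = (0x9AA2D903, 0xB54BFB65)


def parse_kdb_header(blob):
    """Return the per-save values stored in clear in one .kdb version."""
    if len(blob) < KDB_HEADER.size:
        raise ValueError("too short for a KeePass 1.x header")
    f = KDB_HEADER.unpack_from(blob)
    if f[0:2] != KDB_SIGNATURE:
        raise ValueError("not a KeePass 1.x database")
    return {"master_seed": f[4], "iv": f[5], "rounds": f[10]}


def find_reuse(versions):
    """versions: {label: file bytes}. List values shared by several versions.

    A repeated IV or master seed across saves points at a weak random source
    in the program that wrote the file.
    """
    seen = defaultdict(list)
    for label, blob in versions.items():
        hdr = parse_kdb_header(blob)
        for field in ("iv", "master_seed"):
            seen[(field, hdr[field])].append(label)
    return sorted((field, labels) for (field, _), labels in seen.items()
                  if len(labels) > 1)


def make_sample(seed, iv):
    """Constructed header-only sample; contains no real database content."""
    return KDB_HEADER.pack(*KDB_SIGNATURE, 3, 0, seed, iv, 1, 1,
                           bytes(32), bytes(32), 6000) + bytes(16)


if __name__ == "__main__":
    history = {  # constructed stand-ins for three commits of the same file
        "commit-a": make_sample(b"A" * 16, b"\x01" * 16),
        "commit-b": make_sample(b"B" * 16, b"\x02" * 16),
        "commit-c": make_sample(b"C" * 16, b"\x01" * 16),  # IV repeats commit-a
    }
    for field, labels in find_reuse(history):
        print(f"{field} reused in: {', '.join(labels)}")
```

To run it on a real repository, fill `versions` with the bytes printed by `git show <commit>:<path>` for each commit that touched the file.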
6

Assuming you are using well-implemented, quality algorithms, having a history of the encrypted file should not significantly help an attacker.

However, I would be concerned about insecure versions of the file being kept in version control. For example, if you use a weak password at one point, that weak version could be compromised by guessing the password.

[Would comment on Terry Chia's answer, but don't have the reputation yet.]
