KeePassXC Audit Report – KeePassXC
KeePassXC provides sufficient cryptographic protection (confidentiality, integrity and authenticity) for the confidential information the user stores in the database, provided that the user selects a strong authentication method, e.g. a strong passphrase and a confidential random key file, and uses KeePassXC with its latest, secure file format.
The application is capable of reading and writing older and less secure KeePass file formats. Ideally, the application should warn on the use of insecure formats and suggest ways to migrate to the newest format. Should an attacker be able to replace the user's database with a database in an older format that uses the same authentication (a precondition that is difficult for the attacker to meet), the user would lose authenticity and integrity of the information in the database. This was identified by previous research, in the paper by Gasti and Rasmussen.
The password manager could also advise the user on improving protections, such as selecting stronger KDF parameters as time passes or using protected attributes more often. The latter is relevant in a scenario where a user regularly opens the same database with a less secure password manager. KeePassXC could also store the latest database version the user has used and thereby spot undesired substitutions.
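As an added illustration of the two recommendations above (warning on insecure formats, and remembering the last-seen version to spot a substitution), not part of the audit or of KeePassXC's own code: a small check that reads the KDBX file signature and version word from the first 12 bytes of a database file. The signature constants, the version-word layout and the choice of KDBX 4.0 as the first format with authenticated integrity protection are taken from the KDBX format as I know it; the sample headers are constructed.

```python
import struct

# KDBX files start with two 32-bit little-endian signatures, followed by a
# 32-bit version word whose high 16 bits are the major and low 16 bits the
# minor format version (assumed layout, from the public KDBX format).
KDBX_SIG1 = 0x9AA2D903
KDBX_SIG2 = 0xB54BFB67   # KDBX 2.x and later
KDB_SIG2 = 0xB54BFB65    # legacy KeePass 1.x (.kdb) container
# KDBX 4 introduced HMAC-SHA256 over the header and the data blocks; older
# formats only hash them, so integrity and authenticity are not enforced.
KDBX_MIN_SAFE = (4, 0)


def parse_version(header: bytes) -> tuple[int, int]:
    """Return (major, minor) of a KeePass database from its file header."""
    if len(header) < 12:
        raise ValueError("header too short")
    sig1, sig2, ver = struct.unpack("<III", header[:12])
    if sig1 != KDBX_SIG1:
        raise ValueError("not a KeePass database")
    if sig2 == KDB_SIG2:
        return (1, 0)
    if sig2 != KDBX_SIG2:
        raise ValueError(f"unknown KeePass signature {sig2:#x}")
    return (ver >> 16, ver & 0xFFFF)


def check_database(header: bytes, remembered: dict, name: str) -> list[str]:
    """Warn on insecure formats and on downgrades versus the version last seen.

    `remembered` maps a database name to the highest version opened so far
    (hypothetical persisted state, standing in for a per-database setting).
    """
    warnings = []
    version = parse_version(header)
    if version < KDBX_MIN_SAFE:
        warnings.append(f"{name}: format {version[0]}.{version[1]} lacks "
                        "authenticated integrity protection; migrate to KDBX 4")
    last = remembered.get(name)
    if last is not None and version < last:
        warnings.append(f"{name}: format downgraded from {last[0]}.{last[1]} "
                        f"to {version[0]}.{version[1]}; possible substitution")
    # Keep the highest version ever seen so a later downgrade is still noticed.
    remembered[name] = version if last is None else max(version, last)
    return warnings


# Constructed sample headers (signatures plus version word only).
HEADER_KDBX41 = struct.pack("<III", KDBX_SIG1, KDBX_SIG2, 0x00040001)
HEADER_KDBX31 = struct.pack("<III", KDBX_SIG1, KDBX_SIG2, 0x00030001)
```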
KeePassXC is well written and exercises defensive coding sufficiently. Memory deallocation could be improved, though, so that freed memory no longer contains secrets after the database is locked.
The key files must stay inaccessible to a potential attacker, as their authenticity is not checked, and digesting a key file may involve complex XML parsing, which has historically proven to be a rich attack surface.
I have reviewed the core features of KeePassXC, focusing mainly on its database reading and writing features and its use of cryptography. I discovered no major problems. This review does, however, contain a number of recommendations that the development team may implement at their discretion to keep raising the security bar of the software.
As KeePassXC is a relatively complex program and the review effort was limited, I did not review the whole code base. Some auxiliary features remain unreviewed, for example: TOTP, SSH agent, browser plug-in communication, auto-type, the KeeShare password sharing mechanism, freedesktop integration, HIBP support and the database statistics feature. These features could be the subject of a future review.
To the best of my knowledge, disclaiming warranties and/or liability, I can recommend the use of core KeePassXC 2.7.4 functionality as of December 2022: reading and writing the database files with confidential user information.

Link: keepassxc.org