#krux v24.11.1
This release includes a fix for a recently discovered issue #477 in our encryption system. Due to an implementation error, the camera-captured entropy was not being used as intended in our AES-CBC encryption mode. This means that the additional layer of security provided by the camera's randomness was not effectively applied.
## What Does This Mean for You?
*Who is Affected*: Users who have changed their settings to use AES-CBC encryption instead of the default AES-ECB for encrypted backups on flash storage, SD cards, or encrypted QR codes.
*Impact*: The encryption strength for these backups may not be as robust as intended.
## Recommended Action:
If you have used AES-CBC encryption for your backups, we recommend the following steps:
Update Your Device: Please install the latest software update where this issue has been resolved.
Replace Your Backups: After updating, recreate your encrypted backups on flash storage, SD cards, or QR codes to ensure they are secured with the corrected encryption implementation.
Thanks @earthdiver for the finding!
Always test your encrypted backups and keys after creation and have a redundant physical backup of your keys.
GitHub
Release Version 24.11.1 · selfcustody/krux
This release includes a fix for a recently discovered issue #477 in our encryption system. Due to an implementation error, the camera-captured entr...