Re: Cookie Encryption on Android

[Colin Blundell]

+chromium-dev 

Hello,

I don't actually know. I'm listed as OWNER there because I componentized that code long ago, but I wasn't actually involved in its bringup. Someone familiar with that bringup might know? Alternatively, codesearch/history might yield evidence as to why it was not necessary to bring up on Android.

Best,

Colin

On Sat, Feb 8, 2025 at 4:44 AM 吴国斌 <wuguob...@bytedance.com> wrote:

Dear Colin Blundell:

I hope this letter finds you well. I am a developer at ByteDance, and I am writing to kindly ask you something about Chromium cookie encryption since you are the owner of `components/cookie_config/`.

I noticed that Chromium has implemented a cross-platform `net::CookieCryptoDelegate` to encrypt and descrpt cookies. However, this implementation is only enabled on Windows, MacOS, Linux and ChromeOS. May I ask why is it disabled on Android platform? Is there any security concern or something else?

Thank you for your time and assistance. I look forward to hearing from you.

Best regards,

Guobin Wu.

[Ari Chivukula]

I think the answer is in the comment below the linked code (emphasis mine):

" Use the operating system's mechanisms to encrypt cookies before writing them to persistent store.  Currently this only is done with desktop OS's because ChromeOS and Android already protect the entire profile contents."

~ Ari Chivukula (Their/There/They're)

--
--
Chromium Developers mailing list: chromi...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-dev
---
You received this message because you are subscribed to the Google Groups "Chromium-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-dev...@chromium.org.
To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/CAMGE5NFH%2BKa%2BDbbPvhkPoDrFFrcLKDuuNjVrzjp1MbLGw7-3FQ%40mail.gmail.com.

[Torne (Richard Coles)]

On desktop platforms, using the OS crypto services to encrypt stored data protects the data against an attacker who has access to the drive where the data is stored (e.g. by removing the drive, or booting the computer into a different OS), but does not have access to the user account that owns the data.

On modern versions of Android (and on many devices with older versions) all the user data stored on the device's internal storage is already transparently encrypted by the OS and so there's no need for apps to also apply their own encryption to data stored there. Android relies on that instead of providing a similar OS crypto service to the desktop platforms.

Also, for most purposes on Android the security boundary is individual apps, not the user: each app's private data directory on the internal storage is only accessible to that specific app, so it's not possible for another app to access the stored files at all even if it's running as the same user, which is more restricted than even the data protected by OS crypto services.

To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/chromium-dev/CAGpy5DL4yf-E%2BjHx6wu1w%3DtLb%3DXphYFSjnO7x%3DPknf7NwNHVpw%40mail.gmail.com.