Document vim's encryption strengths/weaknesses

[benjamin-thomas]

Hello,

Being a long time vim user (and very grateful for your hard work!), I was briefly considering using vim and it's encryption feature as a replacement to my password manager, and store an encrypted file on a public cloud.

My googling-fu suggests I'm not the only one having thought of this...

By sheer luck, I've stumbled upon those 2 threads:

• Vim cryptmethod is not authenticated #638
• Vim cryptmethod uses SHA-256 for password-based key derivation #639

Although vim's encryption feature could be applicable to some use cases, it seems mine is not one of them.

While those issues are pending, I feel adding a couple of sentences to the docs here could be useful and low burden for now.

And/or maybe adding some sort of warning regarding vim's crypto status that could be suppressed via an env var, or similar.

What do you think ?

[chrisbra]

Please provide concreate documentation enhancements e.g. as PR

[lacygoill]

While those issues are pending, I feel adding a couple of sentences to the docs here could be useful and low burden for now.
And/or maybe adding some sort of warning regarding vim's crypto status that could be suppressed via an env var, or similar.
What do you think ?

Any suggestions?

[benjamin-thomas]

I didn't have the time to dig into the code base and figure out how to display a warning upon encryption usage.

And adding a couple of lines to the docs seems pretty pointless to me.

My main point was that some developers use vim as a password manager and make blog posts about it.

Although my memory is blurry now, I sumed it up to myself as:

1. that's a bad idea
2. don't ever use vim's encryption feature

Rather, use a dedicated external tool such as pgp or some derivative such as the beautiful passwordstore.

Vim is a great tool, but I feel it's a shame if some developers are led into thinking this feature is ok to use for highly sensitive data, considering the consequences.

[tonymec]

@benjamin-thomas : About one page of scroll lower than what you link to, it is said that Vim uses three possible encryption methods at the user's choice:

• a weak method
• a method with flaws
• a medium-strong method
  I understand this as meaning that Vim is not capable of really strong encoding. IOW, it is already documented, albeit in a mealy-mouthed way, that as as you said in a later post, Vim is not the tool to use for really confidential text. And if you're working for a governmental agency, you should use a real typewriter and not leave your confidential text lying about on a computer, or anywhere not under lock and key when you aren't reading or writing them for that matter.

Best regards,
Tony.

[chrisbra]

it is said that Vim uses three possible encryption methods at the user's choice:

a weak method
a method with flaws
a medium-strong method

(this is slightly below :h :X).

So is this enough to be closed? Or should we more prominently mention this (or link to this section from :h 'cryptmethod'?

[benjamin-thomas]

Closing this as I won't have time to dig into it...

Tbh, I don't understand why a weak encryption method would be useful to anyone, and it seems to me to be just a bad idea to let the editor handle encryption anyways.

It probably made sense at some point, but I think this feature should be marked deprecated.

[dpelle]

Tbh, I don't understand why a weak encryption method would be useful to anyone,
and it seems to me to be just a bad idea to let the editor handle encryption anyways.

In defense of having encryption in the editor: not only the file is encrypted
but also the swap file, the undo file, the backup file so it limits what information
can leak in clear when opening an encrypted file. There is also viminfo which is
not encrypted. One can also disable backup, undo and viminfo of course.

That said, it would obviously be preferable to have strong encryption.

[chrisbra]

side note to me: explore if libsodium could be plugged into the existing crypto backend.

[Konfekt]

In defense of having encryption in the editor: not only the file is encrypted
but also the swap file, the undo file, the backup file so it limits what information
can leak in clear when opening an encrypted file. There is also viminfo which is
not encrypted. One can also disable backup, undo and viminfo of course.

Is this leakage list complete?

[tonymec]

@benjamin-thomas : The reason to have a weak method is that not so long ago it used to be the only method; also, it is the method used by encrypted zipfiles. If Vim wants to be able to read files written by, er, I think it was Vim 6, or to open encrypted zipfiles, it needs to have that encryption method available.

Similarly, to read files encrypted by slightly more recent versions of Vim, which only had the weak method and the flawed method at their diposal (the flaws not being all known by then), that method must also be available.

Another reason to have those less-than-perfect methods available is in order to be able to write encrypted files that those earlier versions of Vim can read.

But as I said earlier: if you want really strong safety, don't entrust your confidential files to a computer, keep them in a locked safe when you aren't perusing them, and if possible, deliver them in person to only the people who need to know them.

Best regards,
Tony.

[benjamin-thomas]

@dpelle good points thanks for the reminders ;)

@tonymec I wouldn’t be surprised if I was using one of those old vim versions at the time, I don’t recall seeing attractive options encryption wise then.

As I said I ruled out vim being a useful tool for my use case, let’s say store passwords, API keys and so on. I’d rather delegate to a specialized tool that I’ll expect to receive timely security updates and so on.

So to sum up I think I’m still as confused about this feature as I was in 2018, but if it works for some then great ^^