Reputation: 37
What does the "v20" mean in Chromium based browsers encrypted data?
I made a year or two ago a function in C to AES-GCM-256 decrypt data, and I was able to decrypt Chrome cookies before.
I tried to make it loop through my local saved cookies to decrypt them and most of them worked, but 1/3 failed. I did some digging and seems like the AES-GCM-256 decryption failed on data that had the prefix of "v20" and worked on encrypted cookies with the prefix of "v10".
I can't seem to find neither much examples or explanations regarding this, other than that it's some form of hardware based encryption on top of DPAPI.
What is the difference between encrypted data with "v10" prefix and "v20" prefix and how could such be decrypted?
Upvotes: 0
Views: 932
Answers (1)
Reputation: 393
With the v20, the encryption is now application bound so it can only be decrypted by the same application that encrypted it.
You can find more information about it in this blog: Improving the security of Chrome cookies on Windows
Upvotes: 1
Related Questions
- How to encrypt/decrypt data in php?
- AES-GCM 256 bit - Node.js encrypt / Android decrypt - 16 byte authentication tags don't match
- Nodejs AES-256-GCM encryption and decryption in client by browser webcrypto api
- Decrypting (in python) the encrypted data using AES256 (CBC + PKCS7 padding) is resulting extra characters in the end
- Unable to decrypt aes-256-gcm encrypted data in java