Titanium Backup Cryptography

This page is all about encrypting and decrypting your backups. Questions about encryption and decryption are likely to be founded here. Use the index below for easier navigation to find answer to your question.


1. I can’t enable encryption, why ?

  • Cryptography is only available with Titanium Backup PRO.
  • You need Titanium Backup 3.6.0 or newer.

2. What can Titanium Backup encrypt ?

  • It can encrypt the app data (or system data) contained in your backups.
  • It will not encrypt the apk files.

3. How does Titanium Backup encrypt the data ?

  • It uses a combination of asymmetric (RSA) and symmetric (AES) cryptography in order to provide you with:
    • High performance when creating and restoring backups,
    • The ability to perform backups without entering a passphrase,
    • The ability to restore backups across different phones,
    • The inability (obviously) to restore backups without having the passphrase.

4. When restoring it needs my passphrase, but when making backups it doesn’t. How is that possible ? Is my passphrase hidden somewhere ?

  • No, your passphrase is not stored anywhere. Otherwise it would be “security by obscurity” and would defeat the point of using real cryptography.
  • When you backup data, an encryption is performed with a public key. That public key can be read without needing your passphrase – because it’s public.
  • When you restore data, a decryption is performed with a private key. That private key is encrypted with your passphrase – so you are prompted for it.
  • So, there are two separate keys (a public key and a private key) and they are tied by a precise mathematical relationship. This relationship allows you to encrypt your data safely, without your passphrase.

5. Which actions will require my passphrase ?

  • Verifying your backups.
  • Restoring your backups.

6. What is a passphrase ?

7. If I create a new master key, do I lose the ability to restore my existing backups ?

  • No, existing backups are not affected and can be restored without problems – as long as you remember the passphrase for them.
  • All future backups will use the new master key.

8. If I change the symmetric key length, do I lose the ability to restore my older backups ?

  • No, existing backups are not affected and can be restored without problems – as long as you remember the passphrase for them.
  • All future backups will use the new encryption settings.

9. I’d like to modify the encryption on existing backups (ie: encrypt, decrypt or re-encrypt an existing file). Can I do that ?

  • Not yet. For the time being, existing backups cannot be modified in any way.
  • You need to change the encryption options and then make a new backup. You can then verify your backups and then delete the previous backup.


10. I forgot my passphrase or want to decrypt someone’s backups. Is there a backdoor that will allow me to do that ?

  • No, there’s no backdoor. If you don’t have the passphrase, you’re screwed: the files are just as valuable as random data to you now. And I can’t help, either.

11. I want to use SWAP or COMPCACHE to increase the available RAM on my Android phone. Is that safe ?

  • Compcache is safe.
  • Swap is unsafe because anything that’s in RAM (except the kernel and a few system elements) can end up in the swap file. Your passphrase, private key or symmetric keys are not pinned in RAM and (if you’re unlucky) they can end up in the swap file. It’s the same issue with any Android security app, by the way. Therefore if you’re a paranoid user, swap is not recommended.

12. Does Titanium Backup use secret algorithms for encryption, or well-known ones ?

  • No, it only uses solid and well-established encryption methods that were designed by top-level cryptographers, not weekend programmers:
    • The AES algorithm, designed by Joan Daemen and Vincent Rijmen.
    • The RSA algorithm, designed by Rivest, Shamir and Aldeman.
    • The SHA-1 algorithm, designed by the NSA.
  • Secret encryption algorithms are a recipe for disaster, because they are often designed by amateurs – we can take the DVD-CSS fiasco as an example.
  • In conclusion: it’s the secrecy of your keys that provide the security – not the secrecy of the algorithm itself.