tbf, the master secrets are only ever supposed to be exposed to or used in HSM / SE / Enclaves etc.
Un-rotatable secrets (master & recovery) aren’t that big a deal as long as these are not exposed / exported / exfiltrated to regular environments.
This is mentioned in Ente’s security audit,[1][2][3] so it isn’t something unknown… Some here do have a different expert opinion:
All that said, every system will have limitations (or “flaws” as you put it), even the ones that let you rotate keys, or protect keys from exfiltration:
I mean, even standards-compliant cryptography is full of assumptions & limitations (… or flaws). There wouldn’t be talk of post-quantum security otherwise.
“The observation was made that the user’s masterKey and collectionKeys do not rotate when a user updates their ente password.” ↩︎
“Retention of the same encryption keys - even after a password change in the ente application - represents a significant security vulnerability.” ↩︎
“The persistence of unchanged encryption keys may inadvertently expose users to persistent security risks, even after they have taken corrective measures to update their passwords. As a result, the ente team should prioritize resolving this vulnerability by implementing a robust key management system that includes securely updating encryption keys upon password alteration.” ↩︎