Yesterday’s release of Firefox 29 features a brand new Firefox Sync experience that is much easier to use while maintaining the high standard of safety, security, and openness that you expect from Mozilla.
How does the new Sync differ from the old? Read on!
Since its 2010 debut in Firefox 4, Firefox Sync had been powered by a distinctive encryption system which didn’t use passwords: instead it created a unique secret key, which was used to encrypt and decrypt all your data. The only way to get at your data was to know this key. Even the Mozilla servers which held your data could not decrypt the contents.
You (almost) never saw this key, known as the “recovery key,” because the normal way to set up a new device was with a technique called “pairing.” When you set up a new device, you saw a single-use, 12-character “pairing code,” which you could then type into the other device. Through some crypto magic, the recovery key and everything else necessary to set up Sync was safely copied to the new device, ensuring that both devices knew the secret key and could talk securely about your bookmarks and other data.
Problems with Sync
In the last four years, we’ve seen many problems with this scheme. The greatest is that it didn’t do you much good if you only had one device: pairing is about pairs (or threes or fours). If you lost your only device, you probably also lost the only copy of your secret key, and without that key, there was no way to recover your Sync data.
Pairing presented other usability issues as well: you had to be near two devices when setting it up, and many people mistook the pairing code for some sort of computer-generated password that they would need to remember.
The New Firefox Sync
This year, the Services group introduced Firefox Accounts, which are based on a traditional email address and a password, just like the hundreds of other account systems you’re already familiar with.
The new Firefox Sync is the first service to use Firefox Accounts. The security goals remain the same: there is still a strong random secret key, and Mozilla’s servers cannot decrypt your data. However, instead of using pairing, a “wrapped” version of your secret key, protected by your password, is stored alongside your Firefox Account. This means you can recover all your data, even if you lose all your devices at the same time. Setting up a new device only requires typing your Firefox Account email and password into it.
This is a significant change from the previous Firefox Sync. The security of your data now depends upon your password. If your password is guessable, somebody else could connect to your account and decrypt your data. Of course, the best passwords are randomly generated.
Given the importance of your password, we’ve designed Firefox Accounts such that Mozilla’s services never see your password’s clear text. Instead, Firefox first strengthens the password through client-side stretching with PBKDF2, and then derives several purpose-specific keys via HKDF. Neither your password nor the derived “unwrapping” key are ever transmitted to Mozilla. You can read more about the protocol in its technical description on GitHub.
We hope you’ll agree that this is a step in the right direction for Sync. Try it out today and let us know about your experience in the comments!
Special thanks to Brian Warner for his contributions to this post.