diff options
| author | drebs <drebs@leap.se> | 2015-06-03 15:56:40 -0300 |
|---|---|---|
| committer | Kali Kaneko <kali@leap.se> | 2015-07-27 09:58:29 -0400 |
| commit | bbfb3bb44915004a70702030aa1d2f9336a60938 (patch) | |
| tree | f4736717fcf6eb436bfd9ac17f1e32a6c6bbb622 /client/changes | |
| parent | 3546eff73297945c1519e925c994e28d6ad523f4 (diff) | |
[bug] remove mac from secrets file
This is how a secret was stored in the secrets json file:
* each secret is symmetrically encrypted amd MACed with keys derived from
the user's passphrase.
* the encrypted secrets dictionary is then MACed with another key derived
* from the user's passphrase.
* each key is derived using scrypt and a unique random salt.
There are disadvantages to this approach:
* repeating scrypt many times is a waste of time.
* an attacker could crack whichever has weaker parameters, if they get out
of sync.
* if an attacker can modify the secret in a way it is good to decrypt the
database, then she can also modify the MAC.
The solution for this is:
* completelly eliminate the MAC from the storage secrets file.
* attempt to decrypt the database with whatever is got from the decryption
of the secret. If that is wrong, report an error.
Closes #6980.
Diffstat (limited to 'client/changes')
| -rw-r--r-- | client/changes/feature_6980_remove-mac-from-secrets-file | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/client/changes/feature_6980_remove-mac-from-secrets-file b/client/changes/feature_6980_remove-mac-from-secrets-file new file mode 100644 index 00000000..6a424013 --- /dev/null +++ b/client/changes/feature_6980_remove-mac-from-secrets-file @@ -0,0 +1 @@ + o Remove MAC from secrets file. Closes #6980. |