From bbfb3bb44915004a70702030aa1d2f9336a60938 Mon Sep 17 00:00:00 2001 From: drebs Date: Wed, 3 Jun 2015 15:56:40 -0300 Subject: [bug] remove mac from secrets file This is how a secret was stored in the secrets json file: * each secret is symmetrically encrypted amd MACed with keys derived from the user's passphrase. * the encrypted secrets dictionary is then MACed with another key derived * from the user's passphrase. * each key is derived using scrypt and a unique random salt. There are disadvantages to this approach: * repeating scrypt many times is a waste of time. * an attacker could crack whichever has weaker parameters, if they get out of sync. * if an attacker can modify the secret in a way it is good to decrypt the database, then she can also modify the MAC. The solution for this is: * completelly eliminate the MAC from the storage secrets file. * attempt to decrypt the database with whatever is got from the decryption of the secret. If that is wrong, report an error. Closes #6980. --- client/changes/feature_6980_remove-mac-from-secrets-file | 1 + 1 file changed, 1 insertion(+) create mode 100644 client/changes/feature_6980_remove-mac-from-secrets-file (limited to 'client/changes') diff --git a/client/changes/feature_6980_remove-mac-from-secrets-file b/client/changes/feature_6980_remove-mac-from-secrets-file new file mode 100644 index 00000000..6a424013 --- /dev/null +++ b/client/changes/feature_6980_remove-mac-from-secrets-file @@ -0,0 +1 @@ + o Remove MAC from secrets file. Closes #6980. -- cgit v1.2.3