Date: Sat, 4 Jan 2014 18:02:30 +0400 From: gremlin@...mlin.ru To: oss-security@...ts.openwall.com Subject: Re: kwallet crypto misuse On 03-Jan-2014 12:44:42 -0500, Daniel Kahn Gillmor wrote: >>> UTF-16 encoding combined with Blowfish's 64 bit block size >>> means there are just four password characters per block. >> But this is: any and all passwords, being used for encryption >> key generation, must be hashed, then salted, then hashed >> again. SHA-256 may be a good choice for generating Blowfish >> 256-bit key this way. > what kind of hashing and salting are you talking about? I'm talting about that very kind of hashing and salting which is normally used to generate an encryption key for symmetric cipher from the supplied password. > i don't think hashing and salting makes sense in the context > that you were quoting above. Are you aware that kwallet stores > a database of passwords that need to be able to be produced back > for the user (or the user's applications) in the clear? Are you aware that database of passwords is just user's data, which may be virtually anything? Suppose you want to generate a password for some resource and store it safely. One of the easiest methods to do that is running `mkpassphrase | gpg -ea > some_resource.gpg` but let's suppose you don't want to keep a keypair on that machine, so most likely you'll run `mkpassphrase | gpg -ca > some_resource.gpg` GPG will ask you (twice) for a password and produce the output like -----BEGIN PGP MESSAGE----- jA0ECgMC0nbVtnsmoZ9g0lQBFVTSY/avTaGibkt/dFGciqjGih1OXfLCPBRkv9gq sDqdOrjzSO0A+P5ziDalFWJEaNQR5mYQaj/eUP8YAM4e5baFvW+7mSMesuMXqEY1 +E0TCzY= =9DoC -----END PGP MESSAGE----- Now, once you need to access the data (generated password in this exemple), you may run `gpg < some_resource.gpg` provide the encryption password (try "Rent/Author!film2Cool") and get back the previously generated password: Sticky5scum0robust#Comic So, please don't mess the encryption password (key source) and stored password (user's data). -- Alexey V. Vissarionov aka Gremlin from Kremlin <gremlin ПРИ gremlin ТЧК ru> GPG: 8832FE9FA791F7968AC96E4E909DAC45EF3B1FA8 @ hkp://keys.gnupg.net Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ