On 06.04.2012 16:55, Greg Stein wrote:
> On Apr 6, 2012 2:06 AM, "Branko Čibej" <brane_at_apache.org> wrote:
>> On 06.04.2012 00:38, C. Michael Pilato wrote:
>>> I've been also frustrated when considering the situation that occurs
> when a
>>> user changes his/her master password, forcing a re-encryption of all
> cached
>>> credentials using the new password.
>> You could do what whole-disk encryption systems do: only the encyprtion
>> key is encrypted by the master passphrase, actual data are encrypted by
>> that key. This allows different users with different passphrases to
>> decrypt the same data, since they only decrypt a wrapped copy of the
>> same encryption key.
>>
>> In other words, changing the master passphrase only requires decrypting
>> and re-encrypting one 256-bit encryption key, not the whole credentials
>> store.
> PKBDF2 is in the current design to make dict attacks computationally
> "impossible". Assuming we keep that, then the above value would be fed in
> as the secret to PKBDF2, rather than MP or sha1(MP) ?
That's the idea, yes.
-- Brane
Received on 2012-04-06 17:04:10 CEST