Re: [Tails-dev] Goldfish the ephemeral password manager.

このメッセージを削除

このメッセージに返信
著者: jvoisin
日付:  
To: tails-dev
題目: Re: [Tails-dev] Goldfish the ephemeral password manager.
On 05/13/2014 03:17 PM, Rémi wrote:
> Good suggestion.
>
> I added the following text to the repository:
>
> Goldfish is unlocked using 1.000.000 rounds of sha512, which takes ~1.5
> seconds in python. The hash rounds are not meant to replace an actual
> strong password, so the password should be about as strong as your
> truecrypt password.
> A danger is that the root password would be guessed. It is also not
> obvious how to change a password. If a service provider has the
> username/password pair this does not give away anything about other
> credentials.
>
> Obfuscation.
> The usernames are designed to 'look real'. They are derived from common
> western names with an added suffix. The service passwords and username
> suffixes vary in length to further obfuscate that Goldfish is used.
> If someone really wants to they could figure out that a set of
> credentials was likely generated using Goldfish. This should not
> directly be obvious, certainly not by just looking at the username.
>
> R.


A quick glance at your code tells me that I don't want to use this
software at all.

- "My own implementation of a slow hash function." : Why are you
inventing your own crypto ?

- "# Pop the first number because it is probably less random." :
Probably less random ?!

- "# Yes, I know how this affects the name distribution." : Why
admitting that your distribution is flawed instead of fixing it ?!

- """" Given some information it looks up the correct username and
appends some random data """" : This is wrong, the appended data is not
random at all.

- Your lock/unlock system has no control over the memory of the process.

- ...

You may want to read some papers about cryptography before creating this
kind of softwares.
>
>
> On 13/05/14 12:09, intrigeri wrote:
>> Hi Rémi,
>>
>> Rémi wrote (12 May 2014 09:48:13 GMT) :
>>> I wrote an ephemeral password manager, for privacy and anonymity.
>>> The idea is that you use a root password to deterministically generate
>>> credentials, so no need to store the credentials.
>>
>> Thanks for this suggestion.
>>
>> Just curious: is there any threat model description, and security
>> analysis of the underlying password generation algorithm, to be
>> found somewhere?
>>
>> Cheers,
>>
> _______________________________________________
> Tails-dev mailing list
> Tails-dev@???
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to Tails-dev-unsubscribe@???.
>