Re: [Tails-dev] Goldfish the ephemeral password manager.

Delete this message

Reply to this message
Autore: jvoisin
Data:  
To: tails-dev
Nuovi argomenti: [Tails-dev] Goldfish update
Oggetto: Re: [Tails-dev] Goldfish the ephemeral password manager.
On 05/13/2014 03:58 PM, Rémi wrote:
> Going over your points:
>
> - Yes, I should select some other slow hash function. Do you have a
> suggestion for a secure function available in python?

Currently, Python doesn't come with those kind of function.
>
> - It is less random. That is why it is popped.

Then you should update the comment :)
>
> - It really doesn't matter if some names have a tiny bit lower
> probability of getting selected. Much more useful would be to add more
> names.
>
> - Now you're just trolling. The username suffix is indeed not random,
> but derived like the rest of the credentials.

Then it shouldn't be described as random :)
>
> - Yes, in python you do not have control over memory like you have in C.

This is why those kind of tools should not be written in Python:
- You don't have control over memory
- You can't guarantee that your code can run in constant time.
>
> Maybe the comments should have been formulated to look less scary? As I
> pointed out in the code, I indeed need another slow hash function. I'm
> on it.

Yes. Sorry for the harsh tone :|

The idea of deriving passwords from a master is not knew.
What about using something like HMAC for this ?
>
> R.
>
>
> On 13/05/14 15:28, jvoisin wrote:
>> On 05/13/2014 03:17 PM, Rémi wrote:
>>> Good suggestion.
>>>
>>> I added the following text to the repository:
>>>
>>> Goldfish is unlocked using 1.000.000 rounds of sha512, which takes ~1.5
>>> seconds in python. The hash rounds are not meant to replace an actual
>>> strong password, so the password should be about as strong as your
>>> truecrypt password.
>>> A danger is that the root password would be guessed. It is also not
>>> obvious how to change a password. If a service provider has the
>>> username/password pair this does not give away anything about other
>>> credentials.
>>>
>>> Obfuscation.
>>> The usernames are designed to 'look real'. They are derived from common
>>> western names with an added suffix. The service passwords and username
>>> suffixes vary in length to further obfuscate that Goldfish is used.
>>> If someone really wants to they could figure out that a set of
>>> credentials was likely generated using Goldfish. This should not
>>> directly be obvious, certainly not by just looking at the username.
>>>
>>> R.
>>
>> A quick glance at your code tells me that I don't want to use this
>> software at all.
>>
>> - "My own implementation of a slow hash function." : Why are you
>> inventing your own crypto ?
>>
>> - "# Pop the first number because it is probably less random." :
>> Probably less random ?!
>>
>> - "# Yes, I know how this affects the name distribution." : Why
>> admitting that your distribution is flawed instead of fixing it ?!
>>
>> - """" Given some information it looks up the correct username and
>> appends some random data """" : This is wrong, the appended data is not
>> random at all.
>>
>> - Your lock/unlock system has no control over the memory of the process.
>>
>> - ...
>>
>> You may want to read some papers about cryptography before creating this
>> kind of softwares.
>>>
>>>
>>> On 13/05/14 12:09, intrigeri wrote:
>>>> Hi Rémi,
>>>>
>>>> Rémi wrote (12 May 2014 09:48:13 GMT) :
>>>>> I wrote an ephemeral password manager, for privacy and anonymity.
>>>>> The idea is that you use a root password to deterministically generate
>>>>> credentials, so no need to store the credentials.
>>>>
>>>> Thanks for this suggestion.
>>>>
>>>> Just curious: is there any threat model description, and security
>>>> analysis of the underlying password generation algorithm, to be
>>>> found somewhere?
>>>>
>>>> Cheers,
>>>>
>>> _______________________________________________
>>> Tails-dev mailing list
>>> Tails-dev@???
>>> https://mailman.boum.org/listinfo/tails-dev
>>> To unsubscribe from this list, send an empty email to Tails-dev-unsubscribe@???.
>>>
>>
>> _______________________________________________
>> Tails-dev mailing list
>> Tails-dev@???
>> https://mailman.boum.org/listinfo/tails-dev
>> To unsubscribe from this list, send an empty email to Tails-dev-unsubscribe@???.
>>
> _______________________________________________
> Tails-dev mailing list
> Tails-dev@???
> https://mailman.boum.org/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to Tails-dev-unsubscribe@???.
>