![]() ![]() In that scenario, the second password will be the "backup password" which the user will not forget. ![]() You actually want an intermediate key anyway, to support password changes without having to reencrypt all the data. To make that efficient, use an intermediate key: a data file is encrypted with a random file key K, and key K is encrypted twice: once with the first password, and once with the second password. There are two ways out the "forgotten password" issue:Įncrypt the data not with one password, but with two passwords. The secret answers option is the easiest, but it's possible to do this with any secret value. When the user forgets their password, ask them for their secret answers and generate the secondary locking key, then use that to compute the surrogate key.Xor the surrogate key with the secondary locking key and store that as a backup key.Run that value through a KDF to create a secondary locking key. ![]() Convert the answers to uppercase and concatenate them. Ask the user to provide you with 3 secret answers.When using such a mechanism, the only way to decrypt the data is to have the password, unless you create a second encrypted copy of the surrogate key using another secret. The benefit of this system is that it allows for easy password changes - just use the old password to decrypt the surrogate key, then generate a new locking key from the new password. On login, generate the locking key and xor it with the stored surrogate key, which gives you the real surrogate key.This makes the master key unknown unless the password is unknown. Xor the surrogate key with the locking key and store that value.Generate a "locking" key from the password using a different salt, but still using a strong KDF.Generate a random surrogate key for data encryption. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |