diff options
| author | Joey Hess <joeyh@joeyh.name> | 2016-08-19 12:41:31 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2016-08-19 12:41:31 -0400 |
| commit | d3323ab8e9e39bcb0a6493d33efa265073920a7d (patch) | |
| tree | 5366a829047b1637496086fec5744947da21d383 | |
| parent | a774bc8d566c55564d008863b3c1be7d03a9fdde (diff) | |
| download | keysafe-d3323ab8e9e39bcb0a6493d33efa265073920a7d.tar.gz | |
comment updates
The keyid used as a salt in the shardIdents does not prevent rainbow table
attacks, since it's often anyKey (""). The obscure name combined with the
username does make rainbow tables unlikely to be useful though.
| -rw-r--r-- | Encryption.hs | 2 | ||||
| -rw-r--r-- | Shard.hs | 5 | ||||
| -rw-r--r-- | Types.hs | 3 |
3 files changed, 4 insertions, 6 deletions
diff --git a/Encryption.hs b/Encryption.hs index 649cfed..4a8f5cf 100644 --- a/Encryption.hs +++ b/Encryption.hs @@ -164,7 +164,7 @@ hashToAESKey (ExpensiveHash _ t) = b = B.take (fromIntegral $ Raaz.byteSize (undefined :: AesKey)) $ Raaz.toByteString $ Raaz.sha256 (E.encodeUtf8 t) --- | A bytestring that can be AES enctypted. It includes a checksum, +-- | A bytestring that can be AES encrypted. It includes a checksum, -- and size, and is padded to the objectSize with NULs. -- -- This is a multiple of the AES blocksize, as long as objectSize is, @@ -40,9 +40,8 @@ instance Bruteforceable ShardIdents UnknownName where -- -- This is an expensive operation, to make it difficult for an attacker -- to brute force known/guessed names and find matching shards. --- The keyid or filename is used as a salt, both to avoid collisions --- when the same name is chosen for multiple keys, and to prevent the --- attacker from using a rainbow table from names to expensivehashes. +-- The keyid or filename is used as a salt, to avoid collisions +-- when the same name is chosen for multiple keys. shardIdents :: Tunables -> Name -> SecretKeySource -> ShardIdents shardIdents tunables (Name name) keyid = ShardIdents idents creationcost bruteforcecalc @@ -27,8 +27,7 @@ instance Show EncryptedSecretKey where instance Bruteforceable EncryptedSecretKey UnknownPassword where getBruteCostCalc (EncryptedSecretKey _ cc) = cc --- | Objects stored on a keysafe server are (probably) a shard of an --- encrypted secret key. +-- | An object in a form suitable to be stored on a keysafe server. newtype StorableObject = StorableObject { fromStorableObject :: B.ByteString } deriving (Show) |