PasswordMaker Forums
September 03, 2010, 11:21:15 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
 
   Home   Help Search Login Register  
PasswordMaker Forums > Firefox/SeaMonkey/Mozilla/Netscape/Flock Browser Extension > Bugs > aes key size
Pages: [1]
« previous next »
  Print  
Author Topic: aes key size  (Read 1924 times)
frederic
Guest
« on: December 02, 2005, 10:46:46 AM »
These are not bugs that prevent the usage of PasswordMaker, but I investigated the encryption of the master password when stored on disk to see if I could recover it (I typed it once and even forgot about it a few months after... :-).

First, the aes encryption key is not 256 bits as advertised at https://passwordmaker.org/passwordmaker.html but only 128 bits as set in variable keySizeInBits in aes.js. As a proof, the key stored on disk is only 32 characters (16 hex bytes or 128 bits).

Second, the key is only made of digits in the range 0 to 9 and not hexadecimal digits. It reduces the key space.

Although it would not improve the security of the master password if all the key space and aes-256 were used, it may be a concern if they are reused in some other part of the code that should be more secure...

Frederic
Logged
Eric H. Jung
grimholtz
Administrator
*****
Offline Offline

Posts: 3292


WWW
« Reply #1 on: December 02, 2005, 04:37:18 PM »
Hello Frederic,

I have changed https://passwordmaker.org/passwordmaker.html (and the associated downloadable zip archive)  to read "AES-128" instead of "AES-256". Thanks for pointing it out.

Can you explain why hexadecimal should be used instead of decimal? I don't see how one is better than the other.

Thank you,
Eric
« Last Edit: December 02, 2005, 04:38:20 PM by Eric H. Jung » Logged
Miquel 'Fire' Burns
Administrator
*****
Offline Offline

Posts: 1024


Programmer


WWW
« Reply #2 on: December 02, 2005, 05:27:49 PM »
Quote
Second, the key is only made of digits in the range 0 to 9 and not hexadecimal digits. It reduces the key space.

I should examine the code a little more as see what he's talking about. But the part I highlight is the point he's making I think.
Logged
Guest
Guest
« Reply #3 on: December 05, 2005, 08:17:39 AM »
Quote
Can you explain why hexadecimal should be used instead of decimal? I don't see how one is better than the other.
If you limit the keys you use to a subset of all the possibilities, then any attacker can do the same and a brute force attack is simplified. The time it takes for a brute force attack to succeed can be smaller than expected (10/16  in this case which is still 1E21 years with a single average PC but not the maximum allowed by AES).

As I noted, it won't improve much the security of the master password on disk if you use all the hex digits since a brute force attack is not necessary to get to it. But if the same algorithm is used somewhere else to generate a key in PasswordMaker (I admit I haven't checked it) and the security is an issue, then there is room for a simple security improvement.

Frederic
Logged
Eric H. Jung
grimholtz
Administrator
*****
Offline Offline

Posts: 3292


WWW
« Reply #4 on: December 05, 2005, 08:49:47 AM »
I am updating the code at https://passwordmaker.org/passwordmaker.html to use all 16 digits for the key.

Quote
But if the same algorithm is used somewhere else to generate a key in PasswordMaker (I admit I haven't checked it) and the security is an issue, then there is room for a simple security improvement.
Yes, it is used in all editions whenever the user chooses to save the master password to disk. I'll update the algorithm there, too.

Thanks,
Eric
Logged
PasswordMaker Forums
   
 Logged
Pages: [1]
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!
anything