I am aware of other questions asking similar things as this one, but I believe this design addresses many of the issues raised in those questions. I’m also not concerned with making sure there’s no database to store, only that the database doesn’t store any secrets.
Using some key derivation function KDF where KDF requires a secret managed elsewhere With master password provided from elsewhere Password requirements are the rules of what are allowed by the site, i.e. length, allowed character classes, required classes # To register with a new site With username provided from elsewhere With password requirements provided from elswhere Create a salt Store site,password requirements,username,salt Create key by KDF(salt, master password) Convert key to generated password to fit password requirements Give username and generated password to site Register # To login to a site Retrieve password requirements,username,salt by site Create key by KDF(salt, master password) Convert key to generated password to fit password requirements Give username and generated password to site Login
Let’s say an attacker acquires both the store and the plaintext generated passwords, but not any secret parameters to the KDF.
- Does this design make it any easier for the attacker to find the master password than by a brute force attack?
- Is a brute force attack on this design easier than a brute force attack on an encrypted password store?
- Is this in any other way easier to attack than encrypted password managers that derive the encryption key from a master password?
Of course the list of sites and usernames itself is important information. I’m only wondering about the security of the master password.
Go to Source