All data in the repo is encrypted (and signed) with the “master keys”. In order to decrypt the “master keys”, you need the content of a key file together with the correct password. The data in the
salt attributes of the JSON document together with the password are used with the
scrypt() key derivation function (KDF) to compute a set of keys, which can then be used to decrypt the master keys in the
The crux is that evaluating the
scrypt() function to get the keys from a password takes a lot of time: It is configured so that running the function for a single password takes at least 500ms on the current machine.
To get back to your original question: Even if attackers have access to the data in the repo (but not the password), mounting a brute-force attack and trying to find a valid password for one of the key files in the repo is not feasible. Assuming attackers have a machine ten times more powerful than your current machine, they need 50ms per password, which means 20 passwords per second. That’s really slow
The only exception would be if you use a really really short password, then it’s possible to find it in reasonable time.
Does this answer your question?