What if keys are compromised?


#1

Hello everyone,

I have a question which might sound dumb, but still, I want to ask it 🙂

I have created some local backups and I have a JSON file in the keys directory.

What happens if someone grabs the encrypted backups directory along with this key file? Can someone still use some brute force technique and decrypt my data?

🍺 $ cat keys/<REDACTED>  | jq .
{
  "created": "2019-03-12T16:56:21.844953+11:00",
  "username": "<REDACTED>",
  "hostname": "<REDACTED>",
  "kdf": "scrypt",
  "N": 32768,
  "r": 8,
  "p": 6,
  "salt": "<REDACTED>",
  "data": "<REDACTED>"
}
🍺 $

Cheers,
Vikas


#2

All data in the repo is encrypted (and signed) with the “master keys”. In order to decrypt the “master keys”, you need the content of a key file together with the correct password. The data in the N, r, p and salt attributes of the JSON document together with the password are used with the scrypt() key derivation function (KDF) to compute a set of keys, which can then be used to decrypt the master keys in the data attribute.

The crux is that evaluating the scrypt() function to get the keys from a password takes a lot of time: It is configured so that running the function for a single password takes at least 500ms on the current machine.

To get back to your original question: Even if attackers have access to the data in the repo (but not the password), mounting a brute-force attack and trying to find a valid password for one of the key files in the repo is not feasible. Assuming attackers have a machine ten times more powerful than your current machine, they need 50ms per password, which means 20 passwords per second. That’s really slow 🙂

The only exception would be if you use a really really short password, then it’s possible to find it in reasonable time.

Does this answer your question?
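
The arithmetic in the reply above, as an added example (not part of the thread and not restic's own code): it runs scrypt with the N, r and p from the posted key file and turns the measured cost per guess into a worst-case search time for a given password length. The salt, the 64-byte output length and all function names are assumptions of this example.

```python
import base64
import hashlib
import json
import time

# Constructed key file: kdf/N/r/p are the values shown in the question,
# the salt is made up for this example and "data" is left out.
KEY_FILE = json.dumps({
    "kdf": "scrypt", "N": 32768, "r": 8, "p": 6,
    "salt": base64.b64encode(b"constructed-example-salt-0123456").decode(),
})


def derive_keys(key_file_json, password, length=64):
    """Run scrypt with the parameters stored in the key file.

    length=64 is an assumption of this example, not taken from the thread.
    """
    kf = json.loads(key_file_json)
    if kf["kdf"] != "scrypt":
        raise ValueError("unsupported kdf: " + kf["kdf"])
    return hashlib.scrypt(
        password.encode("utf-8"),
        salt=base64.b64decode(kf["salt"]),
        n=kf["N"], r=kf["r"], p=kf["p"],
        maxmem=128 * 1024 * 1024,  # N=32768, r=8 needs a bit over 32 MiB
        dklen=length,
    )


def seconds_per_guess(key_file_json, rounds=2):
    """Measure the cost of one password trial on this machine."""
    start = time.perf_counter()
    for i in range(rounds):
        derive_keys(key_file_json, "timing-probe-%d" % i)
    return (time.perf_counter() - start) / rounds


def years_to_exhaust(alphabet_size, length, local_seconds, speedup=10):
    """Worst-case time to try every password of exactly this length,
    for an attacker `speedup` times faster than the measured machine."""
    guesses_per_second = speedup / local_seconds
    return alphabet_size ** length / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    cost = seconds_per_guess(KEY_FILE)
    print("one scrypt evaluation: %.0f ms" % (cost * 1000))
    for n in (4, 8, 12):
        print("%2d lowercase letters: %.3g years" % (n, years_to_exhaust(26, n, cost)))
```

With the thread's figures (500 ms locally, attacker ten times faster) four lowercase letters fall in hours, while twelve take on the order of a hundred million years.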


#3

It surely does, thank you!