[Standards] Encrypted Storage (Was: off-server archives with MAM)

Thijs Alkemade thijs at xnyhps.nl
Sat Apr 18 10:34:24 UTC 2015


> On 18 apr. 2015, at 11:59, Thijs Alkemade <thijs at xnyhps.nl> wrote:
> 
> 
>> On 18 apr. 2015, at 11:42, Georg Lukas <georg at op-co.de> wrote:
>> 
>> 1. When a user logs in for the first time, an asymmetric keypair is
>> created (I was thinking of Curve25519, where key creation is almost
>> free). The private key is encrypted with a key derived from the user
>> password / SASL state (https://www.zash.se/mod_storage_encfs.lua.html is
>> a PoC for that).
>> 
>> 2. All data that is stored for the user is encrypted with their public
>> key and appended to their "container".
> 
> What do you mean with “SASL state”? All of the data the server has after a
> SCRAM-SHA-1 exchange is either a) stored on the server, b) session specific.
> You can’t derive a key from that which the server could not derive on its own.

Zash pointed out to me that I was wrong. The ClientKey does not change between
sessions, is not stored on the server (during normal operation) and the server
does compute it during login. It could be used to derive a key.


Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.jabber.org/pipermail/standards/attachments/20150418/39d884b5/attachment.sig>


More information about the Standards mailing list