[messaging] Multiple devices and key synchronization: some thoughts

Trevor Perrin trevp at trevp.net
Sat Jan 3 12:05:14 PST 2015

On Sat, Jan 3, 2015 at 10:04 AM, Sam Lanning <sam at samlanning.com> wrote:
> When prompted to create a new ID, a user enters their full name, and a
> password (with appropriate UI to encourage strong passwords). Now this
> data is then solely used to generate pseudorandom data for key
> generation of the master keypair. (e.g. using PBKDF2)

This means anyone who receives or sees one of your messages can
attempt password cracking.

It would probably have the same usability and better security if you
generated the master key through a secure RNG, then encrypted the
master private key with the password and synchronized the encrypted
blob to your devices through some service.

Then only the service could attempt password cracking.

I'm not taking a position whether any of this is a good idea.
User-chosen passwords are often weak.  But this flexibility is at
least possible with the "synchronize the master private key" between
devices approach, which I've been advocating.
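The two designs contrasted above, as an added example that is not part of the original thread: the name, password and PBKDF2 iteration count are constructed, and the seed-to-public-key map and the XOR-plus-HMAC key wrap are stand-ins for a real signature scheme and a real AEAD. The point it shows is who holds enough to test a password guess in each design.

```python
from __future__ import annotations
import hashlib
import hmac
import os

# Constructed demo parameter (not from the thread); a real deployment would
# use a much higher iteration count or a memory-hard KDF.
ITERATIONS = 20_000

def public_from_seed(seed: bytes) -> bytes:
    """Stand-in for a real keypair: one-way map from private seed to public key."""
    return hashlib.sha256(b"public-key|" + seed).digest()

# --- Approach A (the quoted proposal): master key derived only from name + password.
def derive_seed_a(name: str, password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), name.encode(), ITERATIONS, 32)

def observer_checks_guess_a(name: str, public_key: bytes, guess: str) -> bool:
    """Anyone who has seen a message (hence the public key) can test a guess offline."""
    return public_from_seed(derive_seed_a(name, guess)) == public_key

# --- Approach B (the suggestion above): random seed, password-encrypted blob for sync.
def _wrap_keys(password: str, salt: bytes) -> tuple[bytes, bytes]:
    k = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS, 64)
    return k[:32], k[32:]  # (encryption key, MAC key)

def create_identity_b(password: str) -> tuple[bytes, bytes, bytes]:
    """Returns (private seed, public key, encrypted blob handed to the sync service)."""
    seed, salt = os.urandom(32), os.urandom(16)
    enc_key, mac_key = _wrap_keys(password, salt)
    ct = bytes(a ^ b for a, b in zip(seed, enc_key))  # one-time XOR; stand-in for an AEAD wrap
    tag = hmac.new(mac_key, salt + ct, "sha256").digest()
    return seed, public_from_seed(seed), salt + ct + tag

def unwrap_b(blob: bytes, password: str) -> bytes | None:
    """Only a holder of the blob can test a password: wrong password -> MAC fails -> None."""
    salt, ct, tag = blob[:16], blob[16:48], blob[48:]
    enc_key, mac_key = _wrap_keys(password, salt)
    if not hmac.compare_digest(hmac.new(mac_key, salt + ct, "sha256").digest(), tag):
        return None
    return bytes(a ^ b for a, b in zip(ct, enc_key))

def service_checks_guess_b(blob: bytes, guess: str) -> bool:
    """The sync service (blob holder) is the only party with anything to test a guess against."""
    return unwrap_b(blob, guess) is not None
```

In approach B the public key seen by a message recipient is independent of the password, so two identities created with the same password get unrelated public keys.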
