Replies: 1 comment 1 reply
-
|
I'm actually in favor of this as well. I know @phoerious has differing opinions. I would be in favor of a security option that enables "more encryption security" that keeps the current behavior. This behavior also makes using a yubikey a pain in the butt because it needs to be plugged in to save the database. One issue from a crypto standpoint is that the HMAC key for the database encryption is calculated using the master seed and the transformed key. If you don't rotate the master seed then that may cause a weakness in the database encryption authentication. Would need to analyze that further. https://github.com/keepassxreboot/keepassxc/blob/develop/src/format/Kdbx4Writer.cpp#L108 |
Beta Was this translation helpful? Give feedback.
-
|
If you change your database so often, you should rather disable auto save temporarily. I also don't really see the point why you want stronger KDF parameters. If you benchmark it to about a second and assume that an attacker has a bruteforcing rig that is a thousand times faster than your PC, it is still impossible to crack a good password. At some point, your KDF parameters will be so strong that it takes less time to guess the pseudo random AES key bits, so attackers will do that instead. |
Beta Was this translation helpful? Give feedback.
-
It appears that KeePassXC generates a new salt and computes the KDF every time the database is saved. I'm not a cryptography expert, but it seems that this is unnecessary as long as a new nonce/IV is used every time. Only changing the salt when the password is changed would reveal when the password has been changed to an attacker that can access the encrypted database multiple times, but it would allow users to use stronger KDF parameters since we only have to compute the KDF when the database is unlocked.
Beta Was this translation helpful? Give feedback.
All reactions