Fwd: KWallet weaknesses (was: [PATCH] Make pinentry-qt read and store passphrases in KDE 3.2's wallet)
George Staikos
staikos at kde.org
Sat Dec 6 19:34:49 GMT 2003
On Saturday 06 December 2003 08:08, Dirk Mueller wrote:
> > The problem is that people won't just store unimportant data in the
> > wallet. No, they will also store highly sensitive passwords in the
> > wallet. Why? Because they don't know better.
>
> I think the 1-password-for-n passwords is quite easy to swallow. much
> easier than the readable-for-everyone passwords in kmailrc (just giving an
> arbitrary example).
>
> Anyway, we can change the passphrase-to-key algorithm to fit Werner's
> doubts. Just needs somebody doing it, possibly before 3.2 release.

I am definitely not opposed to this, I just need to find time which I don't
have right now. What I DO oppose is linking in any external libraries. The
other thing that needs to be fixed is my FIXME regarding the random source.

Sorry I'm not participating too much in this thread, but I just don't have
time. I did go over the code again, re-read relevant sections of Applied
Cryptography, re-read the VPN insecurities paper, read some other
implementations of similar code, and more, and of course I could not find
anything wrong with the encryption algorithm other than the two noted above.

Known. Well I'm not sure that the pass->key code is bad, but of course it's
non-standard. Anyhow, good to see auditing happening in this code, finally.
The nice thing is that I can change any of these parts for future releases
without breaking everyone's setup too.

If anyone has a suggestion for the changes above that are easy to implement
and don't require external libraries, please let me know.

--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/