* The salt must be TOX_PASS_SALT_LENGTH bytes in length. * Same as above, except use the given salt for deterministic key derivation. * * returns true on success */ bool tox_derive_key_from_pass( const uint8_t *passphrase, size_t pplength, TOX_PASS_KEY *out_key, * * Note that this function is not deterministic to derive the same key from a * password, you also must know the random salt that was used. * The key should only be used with the other functions in this module, as it * includes a salt.
QTOX FORGOT PASSWORD PASSWORD
* The password is zeroed after key derivation.
* Be sure to not compromise the key! Only keep it in memory, do not write to disk. out_key must be at least * TOX_PASS_KEY_LENGTH bytes long. * Generates a secret symmetric key from the given passphrase. The PRAGMA directive apparently causes sqlite to perform it's own encryption operation using the given key. Such use of the salt guarantees that everyone's db file will have a different salt (and thus lookup/rainbow tables become ineffective).Įdit: The static-salted key is being saved as a PRAGMA within the DB, but doesn't seem to be otherwise used, I'm continuing to investigate. As such, during initial generation, the salt should be randomly generated from a TRNG or a CSPRNG source and then stored with the database file. The concept of a salt, especially in this case is such that it changes the way a hashing function or PBKDF works, preventing a single pre-generated rainbow table from being used against the chat history database. QTox's database key derivation routine uses a static salt, this is incredibly dangerous and detrimental to the security of the chat database file. Not sure if that's meant as a joke or something but since this singular byte array is set during compile time, all users who use pre-compiled binary versions or did not change this salt would have the same salt, effectively negating the password salt.Īn attacker can simply generate a rainbow table with this specific salt, and given access to the database file, attempt a brute-force attack that's amortized by his/her pre-generated table.
0 kommentar(er)
