Key derivation transformation seed stays the same on every save. #1051

Closed
mstarke opened this issue Oct 9, 2017 · 3 comments

@mstarke
Contributor

mstarke commented Oct 9, 2017

Expected Behaviour

  • the key derivation should use a random seed every time the key is used for saving

Current Behaviour

  • the seed is created (or loaded) only once and then reused every time when saving the database iff no key change happened

Possible Solution

  • generate a random transformation seed every time the database is stored

Debug Info

KeePassXC - 2.21
Revision: 2bce9c8

Operating system: macOS 10.12
CPU architecture: x86

@phoerious
Member

The master seed and encryption IV are regenerated every time the database is saved:

QByteArray masterSeed = randomGen()->randomArray(32);

The transform seed, however, is not. There is no real incentive behind this other than that it was carried over from KeePassX and we never touched that part of the code. I don't know if the original author did it as a (questionable) performance optimization or simply forgot to regenerate it. I do agree that this should be changed.

@phoerious phoerious added this to the 2.2.2 milestone Oct 9, 2017
@droidmonkey droidmonkey self-assigned this Oct 11, 2017
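
A way to check for the behaviour discussed above, as an added example that is not part of this issue or of KeePassXC's code: it parses the outer header of two saves of the same database and lists the per-save random fields that did not change. It assumes the KDBX 3.x header layout (field IDs 4, 5 and 7 for master seed, transform seed and encryption IV); the function names are hypothetical and the sample headers are constructed.

```python
import os
import struct

# KDBX 3.x outer-header layout (assumed here): two 4-byte signatures, a 4-byte
# version, then fields of <id: u8><length: u16 LE><data>, ended by field id 0.
KDBX_MAGIC = bytes.fromhex("03d9a29a67fb4bb5")
RANDOM_FIELDS = {4: "master seed", 5: "transform seed", 7: "encryption IV"}


def parse_header(blob):
    """Return {field_id: data} for the outer header of a KDBX 3.x file."""
    if blob[:8] != KDBX_MAGIC:
        raise ValueError("not a KDBX file")
    fields, pos = {}, 12  # skip signatures and version
    while True:
        if pos + 3 > len(blob):
            raise ValueError("truncated header")
        field_id, length = struct.unpack_from("<BH", blob, pos)
        pos += 3
        data = blob[pos:pos + length]
        if len(data) != length:
            raise ValueError("truncated header field")
        pos += length
        if field_id == 0:
            return fields
        fields[field_id] = data


def reused_fields(first_save, second_save):
    """Names of per-save random fields that are identical in both saves."""
    a, b = parse_header(first_save), parse_header(second_save)
    return [name for fid, name in RANDOM_FIELDS.items()
            if fid in a and a[fid] == b.get(fid)]


def build_header(transform_seed):
    """Constructed sample header: fresh master seed and IV, given transform seed."""
    fields = [(4, os.urandom(32)), (5, transform_seed),
              (6, struct.pack("<Q", 6000)), (7, os.urandom(16)),
              (0, b"\r\n\r\n")]
    body = b"".join(struct.pack("<BH", i, len(d)) + d for i, d in fields)
    return KDBX_MAGIC + struct.pack("<I", 0x00030001) + body


seed = os.urandom(32)
# Behaviour reported in the issue: the transform seed survives across saves.
print(reused_fields(build_header(seed), build_header(seed)))
# Behaviour after regenerating the seed on every save.
print(reused_fields(build_header(os.urandom(32)), build_header(os.urandom(32))))
```

On real files, pass the first few hundred bytes of two consecutive saves to `reused_fields`; an empty list means every per-save random value was regenerated.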
@rockihack
Contributor

@droidmonkey I fixed the issue and can send a pull-request if you want.

rockihack/keepassx@1b0e1c2

@droidmonkey
Member

Yes, please do. Target for 2.2.2.
