Mirrors
/
open-keychain
mirror of https://github.com/open-keychain/open-keychain.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated Alternative Passphrase Methods (markdown)

dschuermann 2014-12-29 11:54:18 -08:00
parent 490dd18674
commit 1ee32c3d0e
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
Alternative-Passphrase-Methods.md

@ -3,18 +3,19 @@ As a general mechanism, we can add a non-exportable direct key signature to any
Exemplary types of such auxiliary information could be flags that the passphrase should be entered as a pin, lock pattern, or obtained via nfc.
### NFC
* Easily be lost together with the smartphone
* Protects against shoulder surfing
* Remote readable when in pocket?
### Lockpattern
* Weak: Offline brute force attacks
* Smudge attacks
### PIN
* Weak: Offline brute force attacks
## Export
As on private key export for a new extra long passphrase to protect against offline attacks!
## Attack model
| Attack | Passphrase | NFC | PIN | Lockpattern |
|-------- |--- |--- |--- |--- |
| Offline brute force attacks | yes | yes | no | no |
| Lend smartphone to other guy | | | | |
| Shoulder surfing | no | yes | no | no |
| Smudge attacks | yes | yes | yes | no |
Differentiate between offline attacks and attacks where an attacker has only short access to the smartphone UI.