Mirrors
/
open-keychain
mirror of https://github.com/open-keychain/open-keychain.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated Alternative Passphrase Methods (markdown)

dschuermann 2014-12-29 11:46:17 -08:00
parent dcfcda6e0f
commit 66941a60b6
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Alternative-Passphrase-Methods.md

@ -1,4 +1,4 @@
* New subpacket
## Tech
As a general mechanism, we can add a non-exportable direct key signature to any keyring which carries a "hint" to the key's passphrase in one of its subpackets. This way, we can store auxiliary semantics about a passphrase while retaining the design principle that all information stored in the database is contained entirely in the keyring blobs.
Exemplary types of such auxiliary information could be flags that the passphrase should be entered as a pin, lock pattern, or obtained via nfc.
@ -13,6 +13,7 @@ As on private key export for a new extra long passphrase to protect against offl
## Attack model
| Attack | Passphrase | NFC | PIN | Lockpattern |
|-------- |--- |--- |--- |--- |
| Offline brute force attacks | yes | yes | no | no |
| Lend smartphone to other guy | | | | |
| Shoulder surfing | no | yes | | |