
Intro: I am trying to practice Python and crypto by writing a simple local password manager with Python and SQLite. The problem starts during registration. The user enters a master password which I keep in a table in SQLite after hashing it once with SHA256. During login, I take the password entered at login time, re-hash it with SHA256 and compare both. If they match, I log in. Now, whatever data the user encrypts or decrypts is done using the same password hash that is stored in the DB. I am doing the encryption/decryption with AES, by the way. Now SQLite doesn't have a default security measure, so anyone having access to the DB can simply decrypt all the data using the hashed password, as that is also the KEY itself. They don't even have to brute-force/rainbow-table the password out. What I have found out is that I have to use key stretching and PBKDF2 to generate a KEY or MULTIPLE KEYS for encryption/decryption.

Now I have been trying to do that for days with no luck. All I have got to do is to generate a super secure HASH using PBKDF2, but how am I going to derive an enc/dec key out of that? Because if I use the same key for enc/dec, then there is no use in using the algorithm and running HMAC over HMAC if the result is itself the master key used for enc/dec. Nobody even needs to reverse that. I have also heard that PBKDF2 can generate secondary keys out of the master key that I can use for enc/dec, but I have dug into the pycrypto and cryptodome official documentation and never got to the point of how that is actually done. Even if I consider the fact that it's possible, the magic of PBKDF is randomizing salts and HMACing over and over, so the value returned for the same set of strings will never be the same. So how can I even verify if the login-time password hash is equal to the saved password hash?

Second thing I tried is to check the login-time and DB-saved hash by providing the same salts, and even if they are equal, what should I use as the 16 or 24 or 32 byte key to actually encrypt and decrypt the data? I got nowhere researching this.

There is also a reddit version of this, if it helps: https://www.reddit.com/r/learnprogramming/comments/cken8f/how_to_securely_store_a_master_password_hash_onto/

C0DEV3IL
    Please reduce your question to what is essential and remember: a few lines of code can say more than a thousand words. – Klaus D. Aug 12 '19 at 03:13
  • I can say in pseudocode. But the problem is how/what am I supposed to do with a complex hashed PBKDF2 key? Well, the pseudocode is simple. On start -> Registration -> User enters master key -> db.save SHA256(Master Key). On Login -> Ask for master key -> compare db.master key to sha256(user_key) -> if true -> login. Use same key for enc/dec. Problem -> As the DB-saved hash IS THE KEY, no need to crack, just use the hash to decrypt data. Question: I got a response that I need to use PBKDF2. Well, HOW exactly? – C0DEV3IL Aug 12 '19 at 16:31

1 Answer


To answer your needs, you could use the example given by a known password manager, e.g. KeePass (see https://keepass.info/help/base/security.html).

You already have one element: the master key, directly derived from the password (and/or other elements, for example). Using a key derivation algorithm to generate an encryption key, you make it harder to retrieve the database content (the more rounds the better; see HKDF, for instance).

However, you will find that it might be insufficient protection; that's why KeePass also offers key files, as explained in "How does a key file increase the security of a password manager?"

Lou_is
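As an added illustration of the PBKDF2-then-HKDF scheme the answer points to (this is not the answerer's code and not from KeePass), the following uses only the Python standard library: PBKDF2 stretches the password into a master key that never touches the database, and an RFC 5869 HKDF-Expand step derives two independent subkeys from it, a login verifier that is stored next to the salt, and an AES key that exists only in memory. The iteration count, the label strings and the fixed 32-byte key size are assumptions chosen for this example; the AES-GCM encryption of the vault itself is the separate step that would consume the returned key.

```python
import hashlib
import hmac
import os

# Assumption for this example: a current-practice work factor for PBKDF2-HMAC-SHA256.
PBKDF2_ITERATIONS = 600_000


def derive_master_key(password: str, salt: bytes) -> bytes:
    """Stretch the password into a 32-byte master key. Same password + same salt
    always gives the same key, which is what makes login verification possible."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               PBKDF2_ITERATIONS, dklen=32)


def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF-Expand with HMAC-SHA256. Different `info` labels give
    unrelated subkeys; none of them can be turned back into `prk`."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), "sha256").digest()
        okm += block
        counter += 1
    return okm[:length]


def register(password: str) -> dict:
    """Create the record to persist in SQLite: a random salt and a verifier.
    Neither the master key nor the encryption key is stored anywhere."""
    salt = os.urandom(16)
    master_key = derive_master_key(password, salt)
    verifier = hkdf_expand(master_key, b"login-verifier")
    return {"salt": salt, "verifier": verifier}


def login(password: str, record: dict):
    """Return the in-memory AES-256 data key on success, None on a wrong password.
    The stored verifier alone is useless for decryption: it is a sibling of the
    data key, not the data key itself."""
    master_key = derive_master_key(password, record["salt"])
    candidate = hkdf_expand(master_key, b"login-verifier")
    if not hmac.compare_digest(candidate, record["verifier"]):
        return None
    return hkdf_expand(master_key, b"aes-256-data-key")
```

The returned key is what you would hand to an AEAD such as AES-GCM (with a fresh random nonce per record) to encrypt the vault entries; re-deriving it on every login is what keeps it out of the database.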