Support for Yubichallenge with KeepassXC DB #4

Closed
jskvbinmv opened this issue Sep 25, 2017 · 84 comments

Comments

@jskvbinmv
commented Sep 25, 2017

Databases created with KeepassXC and secured with password and Yubikey Challenge Response don't trigger the yubichallenge app. Instead they open the file browser dialogue.

Please add functionality for KeePassXC databases and Challenge Response.

@PhilippC PhilippC added this to the 1.03 milestone Oct 2, 2017
@JRussell

commented Oct 5, 2017

Challenge Response fix would be fantastic! If you need any early testers let me know. I use a Yubikey 4 (no NFC) and would love to eventually have support for that. I'm in the beta group for KP2A also.

@RinnosukeETQW

commented Oct 22, 2017

Add me to the list of people who have a yubikey 4 and would like USB-OTG support. keepass2android is the only reason I'm not using my yubikey for keepass at the moment.

PhilippC pushed a commit that referenced this issue Oct 24, 2017
…rently waiting for keepassxreboot/keepassxc#1060), also missing support for saving at the moment and mem-leaking PasswordActivity
@PhilippC PhilippC assigned PhilippC and unassigned PhilippC Nov 21, 2017
@andmib

commented Dec 16, 2017

Also very interested in giving this a shot. How will we know when/if this is implemented? I'm eager to protect my KeepassXC database with challenge-response.

@whereisaaron

commented Dec 24, 2017

@JRussell @RinnosukeETQW doesn't inserting a non-NFC yubikey suppress the Android on-screen keyboard? Or are you using Android as a desktop and don't care about that?

@RinnosukeETQW

commented Dec 26, 2017

@whereisaaron nope, fully able to use on screen keyboard with a USB yubikey inserted here, and that's on a note 8

@Matvei27

commented Jan 12, 2018

I really want this too.

@PhilippC

Owner

commented Jan 15, 2018

the KeepassXC implementation has been updated so it should now be possible to implement this. Current obstacle is that I simply don't find my Yubikey anymore :-(

@jskvbinmv

Author

commented Jan 15, 2018

@PhilippC I might be able to help with testing if you tell me how.

@PhilippC

Owner

commented Jan 15, 2018

thanks for the offer, but I'll need a physical device for testing on my own. I'll search, search and search...

@RinnosukeETQW

commented Jan 15, 2018

If you can't find it, I'm sure there's plenty of people who recently replaced their 4 thanks to the Infineon bug that will have an old one. I mean it was a free replacement so why not? The issue with those yubikeys was PGP so yubichallenge should work just the same.

@rmenessec

commented Jan 19, 2018

@RinnosukeETQW

If you can't find it, I'm sure there's plenty of people who recently replaced their 4 thanks to the Infineon bug that will have an old one.

And there was a flaw before that that affected the NEOs, too. I have several older YubiKeys about the place.

@andmib

commented Jan 21, 2018

@PhilippC I will help pay for a YubiKey 4 NEO. If you give me your info or a donate link or whatnot, I can send (money) over. I'm very interested in seeing this implemented.

@tuxinaut

commented Jan 21, 2018

@PhilippC PhilippC modified the milestones: 1.04, 1.05 Jan 22, 2018
@yubichris

commented Feb 15, 2018

@PhilippC go to yubi.co/support, let us know what YubiKey model(s) you require, and we'll send them to you :)

@PhilippC

Owner

commented Feb 16, 2018

thanks for your comment, @yubichris. I tried this a while ago but without answer. Hope it will work this time!

@Bassetts

commented Mar 4, 2018

@PhilippC did you get anywhere with Yubico? If not I am happy to donate either Yubikey(s) or to give a monetary donation towards the model(s) you would require.

@PhilippC

Owner

commented Mar 6, 2018

@Bassetts yes, I have received a Yubikey. I am pretty busy with a few other things during the next weeks so this might still take a bit of time, but I will definitely try to bring it into the 1.05 release.

@IPv777

commented Mar 13, 2018

+1

@racemouse83

commented Mar 23, 2018

Awesome, been waiting for this to happen for a long time so I can migrate from not-so-nice KeePass to a-lot-more-nice KeePassXC while still using my YubiKey. :) Not to stress you but do you have any estimate when 1.05 can be in beta? @PhilippC

If there is any testing etc one can help out with, please shout!

Thanks for your awesome app!

PhilippC pushed a commit that referenced this issue Apr 10, 2018
requires write support, handling of Challenge/Response errors (or user cancels). Caution: saving corrupts the file at the moment!
@wbedard

commented Jul 22, 2018

@rmenessec, et al.
I just wanted to post a quick update after the run of troubleshooting I posted a couple of weeks ago.

First of all, I want to publicly thank whoever contacted Yubico on my behalf. After I suggested that they would not likely provide support to an issue involving a pre-release 3rd-party app, I was surprised when they contacted me to assist me with the issues described in this thread and to let me know about their recall campaign on my early "developers edition" YubiKey NEO. They basically arranged to send me a replacement device and the whole experience was a great example of the amazing support provided by Yubico.

As soon as I received the new device, I programmed it with the same Challenge-Response codes I was using for testing in KP2A. However, this new device still would not unlock my test database. At that point, I just set it aside and continued to follow this thread for future developments.

Most recently, I saw mention of the ykDroid app, which I was previously unaware of. My previous testing was performed with and without the YubiChallenge app. After reading up on what ykDroid does, I replaced YubiChallenge with ykDroid on my Nexus 6. In this configuration, I was finally able to open my test database, using both the old and new NEO devices. I repeated the same process on my Nexus 5 and it also works on that device. Suffice it to say that I am thrilled to finally have this working.

I hope this feedback helps @PhilippC as he continues to develop this app. I also hope it provides some much deserved praise both to Yubico for their amazing level of support to their customers and to @pp3345 for his useful "driver app" that finally made this whole process work for me. Thanks again for everyone's continued effort to make KP2A such an amazing app!

R/
wbedard

@PhilippC

Owner

commented Jul 23, 2018

thanks for the feedback. I have just published an update to beta channel which requires ykDroid. I have removed the built-in NFC Challenge-Response handling to get rid of the NFC permission. Also ykDroid has a better implementation.

@wbedard

commented Jul 23, 2018

@PhilippC, has anyone reported crashes in the new 1.06 release of KP2A? I looked here and in the Google+ Beta community but I didn't see any mention of it. When testing against the same workflows discussed in this thread, the new release crashes after reading the NEO (you can read the toasts about processing the master key...) and does so on both my Nexus devices. Rolling back to the previous beta release still works as previously reported. I'll post some logs over on Pastebin in a little bit but I wanted to give you a heads-up.

(Update: Link to logcat from my Nexus 6: https://pastebin.com/UDRn5Tf8)

@PhilippC

Owner

commented Aug 15, 2018

@wbedard you are seeing #474

@PhilippC

Owner

commented Aug 15, 2018

closing this as the implementation seems to be accepted

@aol-nnov

commented Aug 17, 2018

@PhilippC sorry to bother you here, but I'm not sure if cross-project mentions work. Could you please follow the linked ykDroid PR and add some thoughts too? :)

@grenzor

commented Aug 20, 2018

@PhilippC Will users be able to use PW+Keyfile+ChallengeResponse with the new implementation? If not, is it possible to support the option to do so?

@IPv777

commented Aug 20, 2018

@phoerious

commented Aug 20, 2018

TOTP is not for unlocking the database. It is only a TOTP generator.

@PhilippC

Owner

commented Aug 21, 2018

@grenzor please see #456 for this
@IPv777 TOTP support is already there, KP2A is compatible with TrayTotp, KeeOTP and KeeWeb TOTP style.

@gamdow

commented Sep 22, 2018

I've been trying to get my Password + Challenge-Response (HMAC-SHA1) KeePassXC database open in Keepass2Android 1.06f using NFC (why I'm here). It started working once I changed the Key Derivation Function from "AES-KDF (KDBX 3.1)" (default) to "AES-KDF (KDBX 4)". I'm guessing this is unrelated to the use of NFC, but I'm too lazy to verify that.

@rmenessec

commented Sep 23, 2018

@gamdow, the requirement for KDBX 4.x is right there in the release notes for K2A 1.06. You were literally forced to see it when you launched the new release for the first time.

@PhilippC

Owner

commented Sep 23, 2018

@gamdow see keepassxreboot/keepassxc#1060 for the decision making process in KeepassX for this. Their old implementation was in general incompatible with most other KeePass implementations; they decided to keep the old way for backward compatibility and use the new way for KDBX4 databases.

@gamdow

commented Sep 23, 2018

Thanks for responding to my comment. My main reason for posting was in case anyone had overlooked it as I had and was wasting time trying to fix the wrong problem.

@rmenessec, as previously stated, I'm quite lazy, and reading release notes falls under that umbrella. I also upgraded to the 1.06 beta release in order to get NFC working, so the problems were conflated. Before inspiration struck, I wasn't even aware of KDF, so I wouldn't have recognized the incompatibility from reading release notes anyway.

That said, I assume the KDF version must be part of the DB meta-data in order to decrypt it? So could the app not have warned me about the incompatibility when I tried to open it? Or does it rely on file extension?
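gamdow's question above (whether the app could have warned about the KDBX 3.1 / KDBX 4 mismatch from the file's own metadata) and the later exchange about AES-KDF versus Argon2 both turn on the same fact: the format version and, in KDBX 4, the KDF identifier and its parameters live in the unencrypted (though integrity-protected) outer header, so they are readable before any password or YubiKey response is requested. The script below is an added example, not Keepass2Android or KeePassXC code; its field IDs, KDF UUIDs and VariantDictionary encoding follow the published KDBX 3.1/4 format, while the two sample headers, their KDF settings and all constant names are constructed here for illustration.

```python
"""Read the outer header of a KDBX file: format version plus the KDF and its
parameters. Added example, not Keepass2Android or KeePassXC code; layout per
the published KDBX 3.1/4 format; sample headers below are constructed here."""
import struct
import uuid

SIG1, SIG2 = 0x9AA2D903, 0xB54BFB67      # KDBX magic (KeePass 2.x)
END_OF_HEADER, TRANSFORM_SEED, TRANSFORM_ROUNDS, KDF_PARAMETERS = 0, 5, 6, 11
KDF_NAMES = {
    uuid.UUID("c9d9f39a-628a-4460-bf74-0d08c18a4fea"): "AES-KDF",
    uuid.UUID("ef636ddf-8c29-444b-91f7-a9a403e30a0c"): "Argon2d",
    uuid.UUID("9e298b19-56db-4773-b23d-fc3ec6f0a1e6"): "Argon2id",
}
# VariantDictionary value types: struct format, or None for bytes/str/bool
VD_TYPES = {0x04: "<I", 0x05: "<Q", 0x0C: "<i", 0x0D: "<q",
            0x08: None, 0x18: None, 0x42: None}


def parse_variant_dict(buf):
    """Decode a KDBX 4 VariantDictionary (type, name, value entries, 0x00 end)."""
    pos, out = 2, {}                            # skip the uint16 version word
    while buf[pos] != 0x00:
        kind, name_len = buf[pos], struct.unpack_from("<i", buf, pos + 1)[0]
        name = buf[pos + 5:pos + 5 + name_len].decode()
        pos += 5 + name_len
        val_len = struct.unpack_from("<i", buf, pos)[0]
        raw = bytes(buf[pos + 4:pos + 4 + val_len])
        pos += 4 + val_len
        fmt = VD_TYPES[kind]                    # KeyError on unknown type
        if fmt:
            out[name] = struct.unpack(fmt, raw)[0]
        elif kind == 0x08:
            out[name] = raw != b"\x00"
        else:
            out[name] = raw.decode() if kind == 0x18 else raw
    return out


def describe_kdbx_header(data):
    """Return version/KDF facts readable before any password is known."""
    sig1, sig2, minor, major = struct.unpack_from("<IIHH", data, 0)
    if (sig1, sig2) != (SIG1, SIG2):
        raise ValueError("not a KDBX file")
    size_fmt, size_len = ("<I", 4) if major >= 4 else ("<H", 2)  # 4.x widened it
    pos, fields = 12, {}
    while True:
        fid, size = data[pos], struct.unpack_from(size_fmt, data, pos + 1)[0]
        pos += 1 + size_len
        fields[fid], pos = data[pos:pos + size], pos + size
        if fid == END_OF_HEADER:
            break
    info = {"version": f"KDBX {major}.{minor}", "memory_hard": False}
    if major < 4:                               # KDBX 3.x: AES-KDF only
        info["kdf"] = "AES-KDF"
        info["rounds"] = struct.unpack("<Q", fields[TRANSFORM_ROUNDS])[0]
        return info
    params = parse_variant_dict(fields[KDF_PARAMETERS])
    kdf = info["kdf"] = KDF_NAMES.get(uuid.UUID(bytes=params["$UUID"]), "unknown")
    if kdf == "AES-KDF":
        info["rounds"] = params["R"]
    elif kdf.startswith("Argon2"):              # memory cost is fixed by M
        info.update(iterations=params["I"], parallelism=params["P"],
                    memory_mib=params["M"] // (1024 * 1024), memory_hard=True)
    return info


# --- constructed sample headers (signatures + outer header, no body) ---
def _variant_dict(entries):
    out = struct.pack("<H", 0x0100)
    for kind, name, value in entries:
        payload = value if VD_TYPES[kind] is None else struct.pack(VD_TYPES[kind], value)
        out += bytes([kind]) + struct.pack("<i", len(name)) + name.encode()
        out += struct.pack("<i", len(payload)) + payload
    return out + b"\x00"


def _header(major, minor, fields):
    out = struct.pack("<IIHH", SIG1, SIG2, minor, major)
    for fid, blob in fields + [(END_OF_HEADER, b"\r\n\r\n")]:
        out += bytes([fid]) + struct.pack("<I" if major >= 4 else "<H", len(blob)) + blob
    return out


SAMPLE_KDBX31 = _header(3, 1, [(TRANSFORM_SEED, bytes(32)),
                               (TRANSFORM_ROUNDS, struct.pack("<Q", 60000))])
SAMPLE_KDBX4_ARGON2 = _header(4, 0, [(KDF_PARAMETERS, _variant_dict([
    (0x42, "$UUID", uuid.UUID("ef636ddf-8c29-444b-91f7-a9a403e30a0c").bytes),
    (0x42, "S", bytes(32)),           # salt
    (0x05, "I", 19),                  # iterations
    (0x05, "M", 64 * 1024 * 1024),    # memory in bytes (64 MiB)
    (0x04, "P", 4),                   # parallelism
    (0x04, "V", 0x13),                # Argon2 version 1.3
]))])

if __name__ == "__main__":
    for sample in (SAMPLE_KDBX31, SAMPLE_KDBX4_ARGON2):
        print(describe_kdbx_header(sample))
```

Because nothing here needs the composite key, a client can make exactly the check gamdow asks for (refuse a KDBX 3.1 file with a clear message instead of failing on the wrong challenge-response scheme) and can also show the user the Argon2 memory and iteration settings that determine unlock time on a phone, all from the first few hundred bytes of the file.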

@burkemw3

commented Oct 17, 2018

Is there any guidance on expected time to unlock databases with password and yubikey challenge response? It's taking 30+ seconds on an Android phone for me, which is much longer than I expected and longer than the 1 second on a laptop.

Environment is Qualcomm SDM630 Snapdragon 630 Octa-core 2.2 GHz Cortex-A53. Test database encryption settings are AES-256, Argon2 KDF, 19 rounds, 64 MiB memory, 4 threads.

While opening, I see a dialog with the following text:

working

loading database... (Transforming master key...)

(Thanks for all your work on this app!)

@jonas-arkulpa

commented Oct 17, 2018

@burkemw3 There are already multiple issues about this. One is assigned to the 1.08 milestone.
#306 #283 #106

@JRussell

commented Nov 5, 2018

This stopped working for me and I'm not sure why. I haven't changed anything. Using kp2a, ykdroid and a yubikey4 over USB. My USB keys work fine in Windows but on my phone I'm getting a toast that says "The challenge response is incorrect." then just sits at "Working..." indefinitely. I usually use Nextcloud but also tried copying the database straight to my phone and both give the same results. I figured this should be here but let me know if I should open a new issue.

@IPv777

commented Nov 5, 2018

Maybe try to delete the data (and cache) of both apps (KP2A & ykDroid)?

-------- Original message -------- On Nov 5, 2018 at 19:45, JRussell wrote:
This stopped working for me and I'm not sure why. I haven't changed anything. Using kp2a, ykdroid and a yubikey4 over USB. My USB keys work fine in Windows but on my phone I'm getting a toast that says "The challenge response is incorrect." then just sits at "Working..." indefinitely. I usually use Nextcloud but also tried copying the database straight to my phone and both give the same results. I figured this should be here but let me know if I should open a new issue.

@JRussell

commented Nov 5, 2018

I tried uninstalling and reinstalling both apps. Same result. I should add that this is happening on both of my phones, a Sony XZ1 Compact and a Pixel 3, running the latest kp2a beta from the Play Store.

@PhilippC

Owner

commented Nov 8, 2018

@JRussell I suggest you open a new issue for this.
Can you please

@JRussell

commented Nov 8, 2018

new issue opened: #609

@meganleewebb

commented Nov 19, 2018

@JRussell Might be unrelated, but I had a similar issue trying to share a db from KeepassXC. Found out that the version of the db was KDBX 3.1. Changing it to version KDBX 4 and it all worked happily. I'm not using Argon2 yet, either, if that makes any difference. Will change to that later when the decrypt gets faster.

@phoerious

commented Nov 19, 2018

The decryption won't get faster. The speed depends on the number of transformation rounds you have configured. KDBX4 is generally slower, because it has a better derivation function. That is intended behaviour.

@lindhe

commented Nov 19, 2018

I think the reason you experience that the db is very slow is mainly because of the Argon2 algorithm, rather than KDBX4 format per se. I might be misremembering, but I think Argon2 is much more memory intensive compared to AES. And since phones have much slower memory than a PC, it would be a pretty noticeable difference.

However, you can still use the KDBX4 format but with AES encryption. That would be much faster on a phone, but still support YubiKey on KeePass2Android.

@meganleewebb

commented Nov 19, 2018

@lindhe is correct. I'm using AES until issue #306 is resolved.

@bungabunga

commented Nov 19, 2018

are there any security drawbacks using AES-KDF vs. Argon2?

@lindhe

commented Nov 19, 2018

are there any security drawbacks using AES-KDF vs. Argon2?

Kind of, but it mostly depends on your threat model. For most of us, the difference in security does not really matter.

Cracking processor intensive cryptos like AES can be sped up significantly (I'm guessing something like 1000x) by having dedicated hardware (ASIC) for the task instead of running the computations on general purpose hardware like a regular CPU/GPU. Memory intensive cryptos, on the other hand, are not very easy to speed up via dedicated hardware. I don't know if it's impossible, or just too hard to be worth the trouble.

But creating dedicated ASICs is hella' expensive, so unless you're up against state-sponsored actors, I'd say you're fine with AES-KDF. A slight disadvantage of Argon2 is that it is not as old, so it has not been attacked for as long. So while we have no reason to believe it has any huge flaws, the risk is slightly higher compared to AES. Especially when considering the implementations, and not just the algorithms.

@phoerious

commented Nov 19, 2018

ASICs can compute AES much faster than a general-purpose CPU, whereas Argon2 is a memory-hard KDF. That means you cannot arbitrarily trade memory for processing speed. Since memory access is as fast or slow on an ASIC as it is on a normal CPU and Argon2 guarantees a specific memory cost, an attacker cannot get these immense speed-ups anymore. It's also a lot slower in general with only few iterations compared to AES, which was never intended to be slow in the first place.
