You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The problem is the key stretching is being executed not only when opening a .kdbx database, but also when saving changes to the database.
This bug affect users which change key stretching parameters in order to make bruteforcing harder (i.e. take 10-30 seconds or more for every burteforcing attempt on modern computer).
Steps to Reproduce
Create new database.
Change the key stretching settings so the key stretching take about 30 seconds.
Save and lock the database.
Measure the time needed for the database to open.
Make changes, save changes and measure the time needed to save the database.
Compare the time from step 4 and step 5. It should be identical, so I assume that the reason for this is the key stretching.
Expected Behavior
I expect that saving changes would happen instantly and key stretching to be performed only when opening the database.
Actual Behavior
Saving changes take time because key stretching computation is performed every time the data is saved. And computer goes "brrr..." because the key stretching is computational intensive.
Operating system: Ubuntu 18.04.4 LTS
CPU architecture: x86_64
Kernel: linux 4.15.0-111-generic
Enabled extensions:
Auto-Type
Browser Integration
Legacy Browser Integration (KeePassHTTP)
SSH Agent
YubiKey
Operating System: Ubuntu Linux
Workaround
It's possible to use external key stretching app (like slowkdf), but this is not practical and there is a risk of accidental copy/paste/clipbord leaks (pasting the stretched key into random window, malicious clipboard malware).
The text was updated successfully, but these errors were encountered:
You mean key transformation. To increase security, KeePass databases use a new randomized nonce every time you save the database. Setting the key transformation time to 1 Second is more than sufficient to prevent brute force attacks.
Why not use the same key for encryption and use new nonce at the same time?
Passphrase -> key stretching algorithm -> key
Then, use the key and random nonce to encrypt the data. Is there a reason to introduce the random nonce in the first step (passphrase -> key stretching) instead of after the key is stretched (key -> encryption)?
If the attacker have access to the key this means he have access to the RAM and most likely also have access to the passphrase.
Overview
The problem is the key stretching is being executed not only when opening a .kdbx database, but also when saving changes to the database.
This bug affect users which change key stretching parameters in order to make bruteforcing harder (i.e. take 10-30 seconds or more for every burteforcing attempt on modern computer).
Steps to Reproduce
Expected Behavior
I expect that saving changes would happen instantly and key stretching to be performed only when opening the database.
Actual Behavior
Saving changes take time because key stretching computation is performed every time the data is saved. And computer goes "brrr..." because the key stretching is computational intensive.
Version
KeePassXC - Version 2.3.1
Revision: 2fcaeea
Libraries:
Operating system: Ubuntu 18.04.4 LTS
CPU architecture: x86_64
Kernel: linux 4.15.0-111-generic
Enabled extensions:
Operating System: Ubuntu Linux
Workaround
It's possible to use external key stretching app (like slowkdf), but this is not practical and there is a risk of accidental copy/paste/clipbord leaks (pasting the stretched key into random window, malicious clipboard malware).
The text was updated successfully, but these errors were encountered: