bjk's blog

April 18, 2015

Pwmd and cipher iterations

Filed under: projects, pwmd — bjk @ 7:56 pm

I’m going to change how pwmd 3.0.x handles the “SAVE --cipher-iterations” command. Rather than make the parameter a count of the number of times to encrypt the XML data, it will be more like OpenPGP and to use it as the number of times to re-hash the passphrase that is used to encrypt the XML data.

Since the XML data is always encrypted using a 256-bit cipher key derived from the hash function, no matter the cipher, then it makes sense to spend time hashing the passphrase rather than encrypting the XML data.

The way it is now in pwmd 3.0.x is that an attacker could brute force the passphrase by taking the salt which is stored in the data file header and rehash a dictionary word the default number of times (1000 as it is) then test the hash against the generated hash at attack runtime. An attack like this is unlikely as far as I understand, but this attack may be much quicker than brute forcing the (hashed) 256-bit cipher key used to encrypt the XML even when there are no XML cipher iterations.


Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Blog at

%d bloggers like this: