Your Secret Key was created on your own device.

SecretSquirrel
SecretSquirrel
Community Member

The website indicates that "we have no record of your Secret Key and can’t recover it." But, a 1Password account login is created that, it seems, would be synchronized via the 1Password server; so, doesn't the Secret Key wind up on the 1Password server via syncing the account login, which contains the Secret Key?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Hi @SecretSquirrel

    Not really, as to decrypt that Login item you'd need the Secret Key. ;)

    Does that make sense?

    Ben

  • ok, so the secret key is synced via the 1P server, but even if the server is hacked, no one can access the logins without the secret key; so, the secret key is encrypted and still inaccessible to anyone without the actual secret key in plain text. Correct?

    That's quite the mouthful, but yes, that sounds right. All items within 1Password are encrypted using your Master Password and your Secret Key... including the starter kit items.

    Also, is the secret key on my device stored in that login, or is the secret key stored elsewhere in 1P?

    Elsewhere. It is stored in the SQLite database for the 1Password for Mac app, and in your browser's local cache for 1Password.com.

    Ben

  • So, what happens if I clear out my browser's cache? I would then have to sign back in with the secret key?

    Correct.

    Is the secret key in the cache also encrypted?

    No. Your browser couldn't read it if it were. :) The Secret Key isn't designed to be secret within your system.

    Ben

  • The purpose of the Master Password is to protect your data that is on your computer. The purpose of the Secret Key is to protect the data that is on our servers. Again the intention for the Secret Key isn't for it to be secret within your system. I would be concerned that you are allowing someone else to use your user account on your computer, and not just for that reason. From our interactions it seems you're pretty concerned with privacy and security, so allowing someone else to use your user account seems fairly counter to that?

    About your Secret Key

    Ben

  • rickfillion
    edited April 2020

    Hi @SecretSquirrel,

    Ben is correct in pointing out that the purpose of the Secret Key is to make sure that our servers don't become a honeypot. But you're also being perfectly reasonable in wanting to make sure that we take all of the precautions that we should with anything of yours on any system.

    I can point out how the flaw you're alluding to could be exploited. In doing so I think it'll help explain some of our rationale and then I can explain further beyond that. The exploit would be that an attacker could obtain the data off of your disk, and in doing so they'd have 2 of the 3 pieces needed to access your secrets: your encrypted data (assuming they got it from something like 1Password for Mac), your secret key, and your Master Password. Honestly, this is the most reasonable attack vector for getting at someone's 1Password data, and it's why I use things like Full Disk Encryption and am generally paranoid about where I bring my Mac. So now with 2 of the 3 pieces, the attacker needs to start work on the 3rd: your Master Password. They don't need 1Password itself to attack that as we're pretty open about what's needed to derive the encryption keys, so the person can build a tool to start something like a dictionary attack. If you've got a weak Master Password it won't take terribly long to get to it.

    So let's talk through protecting the Secret Key. If we can make it inaccessible to the data thief we'll have made their job much much harder. We tend to say that the secret key is stored in plain text, but that's not quite true (except in the CLI where it literally is plain text). We obfuscate the secret key on disk. This tends to be obfuscated by encrypting it with a key that's baked into our app. This slows down attackers and might even stop a bunch cause figuring out how to deal with that is some work. But from a true security perspective we must acknowledge that this doesn't buy us true security. The key is sitting there accessible to anyone that's dedicated enough to find it.

    Maybe we can find a better key then. One does exist, and I'll get to that in a bit...but before we do we have to look at our other options. We need a key that is specific to the user. A key that isn't accessible to an attacker that has physical access to your device. You brought up the Master Password as a possible source for the key. That checks both of our boxes. We could derive an encryption key from your Master Password, use that to decrypt the Secret Key, and then use both the Master Password and Secret Key to decrypt your data (or communicate with our server). What does the data thief grab in this case? They'll grab the encrypted data, the encrypted secret key. What are they going to do with that? They'll do exactly the same thing where they'll start running a dictionary attack and generate keys attempting to decrypt the encrypted secret key. Once they've found your Master Password which was effectively as hard as in the previous case they'll have your Master Password and Secret Key, which they can use to decrypt your data.

    There's also a pretty big downside to using the Master Password as a form of long-term key that way. What happens if you change your Master Password on another device? On the first device you'd need to first use your old Master Password to decrypt the Secret Key, then talk to the server only to discover that the Master Password is old, and you'd need to then provide your new Master Password. Alternatively you'd need to know to provide both your new Master Password and the Secret Key. This would be a very large usability problem. One that we know well because for a long time that's because that's what was required in 1Password when syncing via something like Dropbox and your Master Password changed.

    Sadly there just isn't much we can use as the key to provide real protection here when you're looking at these scenarios. There are two options though.

    1. Some operating systems (iOS) provide quite good keychain implementations. On iOS we could create a truly random key and put it into the keychain. The keychain has some nice features like only giving the data to an app if the codesignature of the app matches. From that we can be reasonably assured that only the official 1Password app could extract and use the key. Exfiltrating data off of an iOS device isn't super common though compared to a desktop.
    2. Devices with secure enclaves and an OS that makes use of it could help. Much like the iOS case, the T2 chip on the Mac can be used to secure data. We use this feature to secure the encryption key that makes unlocking with TouchID on the Mac. Technically something like that could also be used for the secret key (if I'm remembering the details right).

    Let's loop back up to the top. The Secret Key's purpose in life is to ensure that should our servers ever have data stolen off of them that your data is secured. Would it be nice if the Secret Key also gave you local security benefits? Absolutely. But that's not its goal and so far none of us has managed to find a way to get you local security benefits from it.

    I hope this helps.

    Rick

  • I'm glad to hear Rick's explanation was helpful. :) As always, if you have further questions, we're happy to help. :+1:

    Ben

This discussion has been closed.