Encrypting everything?

The Agile Keychain kept some information (most notably Location and Title) unencrypted so that these could be used to search for or identify a particular item, while the more sensitive content could remain encrypted. [...] Some metadata remains unencrypted: Which folder an item is in; what category (Login, Credit Card, …) an item belongs to; creation time; modify time; and last sync time. Link: http://learn.agilebits.com/1Password4/Security/keychain-design.html#encrypting-everything

Why do you think that the title or creation time isn't sensitive content? I suppose an attacker may be interested in what sites you visit more than in the passwords to access them. And by the way, if an attacker knows exactly where the password of interest is located, won't it be easier to hack it?

Comments

  • khad
    1Password Alumni

    Hi @blualeono,

    Thanks for taking the time to contact us. The only information that is stored in the clear is the metadata about your sensitive data not the sensitive data itself. You can easily see a list of what is stored in the clear in the Agile Keychain Format by simply looking at the View > Columns menu in 1Password for Mac. Here is the list for your convenience:

    • Icon
    • Title
    • Location
    • Type
    • Modified Date
    • Created Date
    • Folder
    • Tag

    Password strength used to be included in that list as well, but that was changed way back in November 2011.

    This is outlined in a few different places in the User Guide. From the Agile Keychain Design document:

    The Agile Keychain is nearly identical to the Mac OS X keychain in terms of what is kept encrypted and what is left open in plain text. The distinction is an important trade-off between security and convenience. The more that is encrypted, the less a would-be thief can access, but it is also necessary to leave enough open to allow applications to freely access certain items without needing to decrypt every single entry each time. The Mac OS X keychain nicely balances security and convenience, so the Agile Keychain follows suit.

    Here is an example entry from the Agile Keychain:

    {
      "title" : "dave @ AWS login",
      "locationKey" : "perfora.net",
      "encrypted" : "...",
      "typeName" : "webforms.WebForm",
      "securityLevel" : "SL5",
      "openContents" : {
        "createdAt" : 1216012929,
        "updatedAt" : 1216012929,
        "usernameHash" : "..."
      },
      "location" : "https://webmailcluster.perfora.net:443/xml/webmail/Login",
      "uuid" : "0A522DFCAE6442D991145BC76E55D343",
      "folderUuid" : "A90D66D1A4E34481BDF03DDEA9F511AC"
    }

    As you can see, not all the information is encrypted. Most notably, the name/title of each entry (i.e. dave @ AWS login) and the location/URL are open. Having these open allows 1Password to organize your data and display it without suffering the performance hit of needing to decrypt every single item. All the truly confidential information is stored in the encrypted section of the file.

    The original form of the Agile Keychain left its assessment of password strength among the unencrypted data. This was removed in 2011.

    The above file format is based on JSON (JavaScript Object Notation). It is a lightweight notation for structuring data without the overhead associated with formats like XML. As a side benefit, these JSON files can be loaded directly into a web browser. The name of the file is based on the UUID (Universally Unique Identifier) of the item. This guarantees the filename is unique and will stay the same even when items are renamed.
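To make the trade-off described above concrete, here is an added example (not code from AgileBits or from this thread) that walks Agile Keychain style item files and inventories exactly which fields can be read without the master password. The two entries are constructed for the example and modelled on the entry quoted above; the "encrypted" values and the second item's uuid and typeName are placeholders, and the rule that only the top-level "encrypted" key holds ciphertext is an assumption taken from that entry.

```python
import json
from datetime import datetime, timezone

# Constructed sample item files, modelled on the entry quoted in the reply
# above. The "encrypted" blobs and the second item's uuid/typeName are
# placeholders, not real vault data.
SAMPLE_ENTRIES = [
    """{
      "title": "dave @ AWS login",
      "locationKey": "perfora.net",
      "encrypted": "PLACEHOLDER-CIPHERTEXT-1",
      "typeName": "webforms.WebForm",
      "securityLevel": "SL5",
      "openContents": {
        "createdAt": 1216012929,
        "updatedAt": 1216012929,
        "usernameHash": "PLACEHOLDER-HASH"
      },
      "location": "https://webmailcluster.perfora.net:443/xml/webmail/Login",
      "uuid": "0A522DFCAE6442D991145BC76E55D343",
      "folderUuid": "A90D66D1A4E34481BDF03DDEA9F511AC"
    }""",
    """{
      "title": "Personal Visa",
      "encrypted": "PLACEHOLDER-CIPHERTEXT-2",
      "typeName": "wallet.financial.CreditCard",
      "securityLevel": "SL5",
      "openContents": {"createdAt": 1300000000, "updatedAt": 1300000000},
      "uuid": "1F3C5A7E9B0D4F61A2C4E6B8D0F2A4C6",
      "folderUuid": "A90D66D1A4E34481BDF03DDEA9F511AC"
    }""",
]

# Assumption: only this top-level key carries ciphertext; every other
# leaf in the item file is readable with no key material at all.
ENCRYPTED_KEYS = {"encrypted"}


def flatten(obj, prefix=""):
    """Yield (dotted.path, value) for every leaf of a nested JSON object."""
    for key, value in obj.items():
        path = f"{prefix}{key}"
        if isinstance(value, dict):
            yield from flatten(value, path + ".")
        else:
            yield path, value


def cleartext_fields(raw_json):
    """Return every field of one item that is stored unencrypted."""
    entry = json.loads(raw_json)
    return {
        path: value
        for path, value in flatten(entry)
        if path.split(".")[0] not in ENCRYPTED_KEYS
    }


def inventory(raw_entries):
    """Summarise what someone holding only the vault files learns about each item."""
    items = []
    for raw in raw_entries:
        fields = cleartext_fields(raw)
        created = fields.get("openContents.createdAt")
        items.append({
            "uuid": fields.get("uuid"),
            "title": fields.get("title"),
            "type": fields.get("typeName"),
            "location": fields.get("location"),
            "folder": fields.get("folderUuid"),
            # Unix timestamps in openContents are readable as calendar dates.
            "created": (
                datetime.fromtimestamp(created, tz=timezone.utc).date().isoformat()
                if created is not None else None
            ),
        })
    return items


if __name__ == "__main__":
    for item in inventory(SAMPLE_ENTRIES):
        print(item)
```

Running the script lists, per item, the title, category, URL, folder and creation date recovered from the plaintext portion alone, which is the "metadata about your sensitive data" the reply refers to; a vault owner can point the same function at their own item files to judge whether those particular titles and URLs are data they consider sensitive.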

    You can read more about this in the "Unlocked vaults or unlocked boxes" section of the Security of storing 1Password data in the Cloud document.

    As hinted at in the aforelinked Defending against 1Password harvesters, the new Cloud Keychain format already in use for iCloud syncing encrypts or well-obfuscates even the metadata. You already linked to the design document for the Cloud Keychain format, but here is the link again:

    1Password 4 Cloud Keychain design

    As we move forward, the Cloud Keychain format will be used in more places.

    If we can be of further assistance, please let us know. We are always here to help!

This discussion has been closed.