Keys present in .agilekeychain file
While having a peek at the contents of the .agilekeychain file which I have syncing through DropBox, I came across the files:
* /data/default/1password.keys
* /data/default/encryptionKeys.js
Also I read the following blog post: https://blog.agilebits.com/2014/01/12/dropbox-breach-hoax-1password-security-master-password/
which contains the phrase:
"Those keys are never stored anywhere or transmitted. Nobody, not even us at AgileBits, ever sees those keys or your Master Password."
Of course, you can already guess the resulting thoughts. Can someone explain how these two things relate? What are these "keys" in the .agilekeychain file which, according to the blog post, cannot be keys?
Thanks!
Comments
-
Hi @chrisbrandhorst,
I realise it seems like you've been ignored but it genuinely isn't the case. Given you've highlighted a specific part of a post there I don't feel confident answering on behalf of the author and would much prefer to let him explain. That way I avoid misinterpreting something myself and causing yet more confusion.
I'll let @jpgoldberg respond if you don't mind so we can avoid any potential misunderstanding.
0 -
Those blobs listed as SL3 and SL5 in those keys files are actually randomly generated data that is encrypted with a key derived from your Master Password.
Your Master Password is processed to produce what is called a Key Encryption Key (KEK). In this case, we use the KEK to encrypt a 1024 bytes of data that is randomly created at vault creation time. So what you see there are encrypted blobs of data. They are encrypted with (a key derived from) your Master Password.
The keys that are used to encrypt your data are the result of hashing those blobs once decrypted. All of this is so that we have plenty of genuine entropy to work with irrespective of your Master Password. That is, we need truly random keys, even if people's Master Passwords are not truly random.
So what is transmitted as keying material is encrypted random data. I hope that this helps.
0 -
Hi @jpgoldberg,
Thanks for the clarification! Seems legit ;-)
I wasn't "worried" to begin with, just wanted to know what is stored on external servers.Cheers
0 -
I'm glad I could help @chrisbrandhorst.
I think it is great that people are curios and are poking around trying to make sense of what they see in light of our documentation.
The underlying design is far more complicated than things appear on the surface. We really wish it didn't have to be that way, but proper security needs to use truly random keys, irrespective of the Master Password; so the relationship between your Master Password and how things are actually encrypted involves a number of steps.
As a consequence it makes documenting these things hard. We certainly don't want to conceal anything about the design. Indeed, the details of our data formats is documented in gory details. But it does mean that in the documents that we expect most people to look at, we have to provide shorter descriptions.
If you are curious about how we manage to design things so that "Nobody, not even us at AgileBits, ever sees those keys or your Master Password" take a look at Private by Design.
0