Protecting .seb files without password prompt in SEB

SEB 2.0
2014-02-17
2014-02-21
  • Jarle Presttun
    Jarle Presttun
    2014-02-17

    Since the .seb files are stored as xml if not setting password in the "Config file" pane this is needed when distributing to prevent students updating the settings in a text editor.
    However I would like that the student won't have to enter the password to launch the exam. The user already has a username/password + day password, so another password is not wanted.
    Could there be an option to skip the password when opening in SEB, or alternatively encrypt the files when adding an administrator password?
    Or, are there any other ways to get what I want?

     
  • Mainly on centrally administrated/managed computers, you can use a certificate/cryptographic identity placed in the Windows Certificate Store (X.509 certificate with RSA public key and associated private key) to encrypt .seb files. I didn't investigate yet how to create such a (self-signed) certificate on Windows, on a Mac you can use the key chain utility for that (the unfinished tutorial at http://www.safeexambrowser.org/macosx/mac_tutorial_config_en.html might help).

    You would need to deploy this certificate on the exam client computers, afterwards you can use .seb files encrypted with this certificate (and don't need to use a password). This works well on managed computers where users don't have an administrator account and presumably can't export that certificate from the Windows Certificate Store.

    All other kinds of encryption are in fact not safe. The secret (password or certificate) has to be separated from the cipher text (encrypted .seb settings file), otherwise it's easy to decrypt and manipulate the .seb file. For example we cannot use a master password for encrypting .seb files: If someone finds out this master pw, he/she can publish it somewhere in the net and the whole installed base of SEB would be compromised.

    I would reconsider if you cannot live with a .seb password which has to be entered before an exam. The big advantage of that is, that if you use a fresh pw for each exam, then you can be sure that no one can decrypt/manipulate that .seb file before the exam starts and you communicate the password.

    Another future solution may be: Use a self-signed certificate and add this to a .seb file "for configuring a client". This initial config .seb file you send to the students of your institution/class/customer, they double click it after installing SEB and the certificate is saved in their Windows Certificate Store. Then you have to make sure that the .seb file for starting the exam (which is encrypted with the certificate mentioned before) is made available only for the students logged in for an exam and just before the exam starts. Then they could hardly manipulate it in time, similar like if using a .seb password.

    The only problem in the latter solution is that embedding a self-signed certificate into a .seb file "for configuring a client" is not yet implemented in SEB 2.0 RC for Windows (only in the upcoming SEB 2.0 RC for Mac). I will try to add it to the Windows version asap.

     
    Last edit: Daniel Schneider 2014-02-17
  • Jarle Presttun
    Jarle Presttun
    2014-02-17

    Thanks for taking time to explain this in such detail. Makes sense what you write, so we'll see what we can do to get the "extra" password into the workflow using our exam system.

     
    • Tim Hunt
      Tim Hunt
      2014-02-21

      Note that, with the Moodle integration at least, Moodle checks a hash that includes which .seb file was used. Given that, it should be possible to just have the passwords on the .seb file, instead of the 'day' password.

       
  • I know, we need to publish documentation about all the new possible workflows with SEB 2.0, then some points might get clearer. We are nevertheless open for finding additional solutions for those workflow and usability questions. The long term improvement we're looking for would be the SEB Server, there the goal is to improve usability and security significantly at the same time.