Master Key Generation from Master Password

Popular easy-to-use and secure password manager

Brought to you by: ronys

Master Key Generation from Master Password

Forum: Open Discussion

Creator: Ulrich Boche

Created: 2013-02-05

Updated: 2013-02-05

Ulrich Boche - 2013-02-05

I'm sure this topic has been discussed before but I was unable to search the for it with a meaningful number of results.

A series of articles in a recent issue of the German computer magazine c't about state-of-the-art password cracking tools and techniques has prompted me for this question: what is the method used to derive the master key for the psafe3 database from the master password?

If an attacker gets a psafe3 database into his hands, the effort needed to crack the master password is highly dependent on the key derivation method. If a method such as PBKDF2 or bcrypt is used, the cracking process can be a million times or more slower than if only a simple hash algorithm such as SHA1 or SHA-512 is used.

For me, this question is of particular interest since I'm not only using PasswordSafe on the PC but also the Pwsafe app on my iPad and I need to keep the psafe3 database in my Dropbox.

Regards,
Ulrich

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Rony Shapiro - 2013-02-05

This is defined in the format specification document. We're using an equivalent of PBKDF2 with SHA-256 and a configurable number of iterations, currently set at 2048.
For details, see https://sourceforge.net/p/passwordsafe/code/5212/tree/trunk/pwsafe/pwsafe/docs/formatV3.txt
Section 2.3, and http://www.schneier.com/paper-low-entropy.pdf.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Ulrich Boche - 2013-02-05

Rony, thanks for the information. Very reassuring.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.