[aerogear-dev] Crypto questions

Christos Vasilakis cvasilak at gmail.com
Tue Oct 29 10:26:23 EDT 2013


Hi there,

During the development of the security bits in iOS I have come up with some questions on which I would appreciate your input. In particular:

a) As described here [1], the user is asked to enter a passphrase and we then use PBKDF to generate the encryption keys with which we encrypt the user's data. The problem I see with this approach is that if the user decides to change his passphrase we need to re-encrypt the user's data with the new key. A possible solution is to generate a random _symmetric key_ and then use PBKDF (with the user's passphrase) to encrypt that _symmetric key_. In that way we stay independent of the user's passphrase change. It can also help in scenarios where a separate PBKDF key, generated from security questions (in case the user forgets his passphrase), can be used to encrypt the _symmetric key_.

b) From my understanding, data can be decrypted on the server since a shared secret is used (produced by Diffie-Hellman)? How can this be avoided? During my search I came up with a 'Split Server-Side Keys' concept described here [2]. Basically, two keys are generated: one half resides on the client (generated by PBKDF), the other on the server (random). The server can't decrypt without possession of the client key and vice versa. It looked interesting.

Thanks,
Christos


[1] http://tinyurl.com/p65tjhv
[2] https://gist.github.com/cvasilak/200180a133e4eb2573ac
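The key-wrapping layout from point (a), as an added example in Go that is not part of the original post or of the AeroGear project: a random data-encryption key (DEK) is wrapped with AES-256-GCM under a key-encryption key (KEK) derived from the passphrase, so a passphrase change only re-wraps the 60-byte DEK blob and never touches the user's data ciphertext. PBKDF2 is written out by hand because it is not in Go's standard library; the 100000 iteration count, the 16-byte salt and the function names are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
)
// kek is PBKDF2-HMAC-SHA256 (RFC 8018); 32 bytes is one SHA-256 output, so only block 1 is computed.
func kek(passphrase, salt []byte) []byte {
	mac := hmac.New(sha256.New, passphrase)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // big-endian block index INT(1)
	u := mac.Sum(nil)
	out := append([]byte(nil), u...)
	for i := 1; i < 100000; i++ { // assumed work factor; tune for the target device
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range out {
			out[j] ^= u[j]
		}
	}
	return out
}
// Wrap encrypts the DEK with AES-256-GCM under a KEK from the passphrase and a fresh salt; blob is nonce||ct||tag.
func Wrap(passphrase, dek []byte) (salt, wrapped []byte) {
	salt, nonce := make([]byte, 16), make([]byte, 12)
	rand.Read(salt)
	rand.Read(nonce)
	block, _ := aes.NewCipher(kek(passphrase, salt)) // a 32-byte key selects AES-256
	g, _ := cipher.NewGCM(block)
	return salt, g.Seal(nonce, nonce, dek, nil)
}
// Unwrap recovers the DEK; a wrong passphrase fails the GCM tag check rather than yielding garbage.
func Unwrap(passphrase, salt, wrapped []byte) ([]byte, error) {
	block, _ := aes.NewCipher(kek(passphrase, salt))
	g, _ := cipher.NewGCM(block)
	return g.Open(nil, wrapped[:12], wrapped[12:], nil)
}
// Rotate re-wraps the same DEK under a new passphrase: data encrypted with the DEK is untouched.
func Rotate(oldPass, newPass, salt, wrapped []byte) ([]byte, []byte, error) {
	dek, err := Unwrap(oldPass, salt, wrapped)
	if err != nil {
		return nil, nil, err
	}
	newSalt, newWrapped := Wrap(newPass, dek)
	return newSalt, newWrapped, nil
}
```

A second wrapped copy of the same DEK under a KEK derived from the security-question answers gives the recovery path mentioned in (a) without a second copy of the data.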