Question of export type & use?


Status
Not open for further replies.

ramriot

Well-known member
May 24, 2018
127
14
Hi Steve et-al,

I cam across something I think is troubling about how SQRL identities are exported from clients. As an example I will describe first Steve's windows client which I am running under wine.

NOTE
I would like to analyse the S4 files outputted but I cannot currently compile the IdTool as I'm only running Ubuntu 16-LTS at present so my conclusions are via file size analysis.

*Observation*
On the "Backup or Export SQRL Identity" screen there is first two radio buttons labelled:-

1/ Allow backup decryption with either the password or the Rescue_Code for more convenience but somewhat reduced security.

2/ Require the super-secure Rescue_Code for later decryption and use of the backup for storage security.

Derivation
When used to generate QR-codes I get a larger code for 1/ than 2/, I derive from this:

a) That 1/ is exporting the IUK - encrypted under Rescue_Code & the IMK / ILK - encrypted under current user password

b) That 2/ is exporting the IUK - encrypted under Rescue_Code alone

Conclusion
If that is true then the inferences & weight placed upon export choice by the descriptions on 1/ & 2/ are inverted when those exports are done in the use-case of syncing identity between a source device & a new destination device.

Reasoning
My reasoning for this is that using 2/ for export to a new device necessitates using the rescue-code on that device at least once during set-up & thus expanding the trust zone of an unprotected IUK to that new device. This is something I believe users should be very careful of doing as a single leak of the IUK is I believe unrecoverable.

Using 1/ for all exports to new devices & then using the user's current provided passphrase during set-up would only risk leaking the IMK/ILK which is I believe a recoverable situation via re-keying the identity.
 

Attachments

Vela Nanashi

Well-known member
May 19, 2018
715
123
I suppose if there is any chance that one of the clients or the machines they run on, can't be fully trusted, then you have a point that it might make sense to have the rescue code never touch some of them, I do not know how the clients handle that when importing a new identity though. Still I would not want my identity on any device I do not trust, even if they only have access to the secret locked behind my password, not the rescue code. I agree that making it clearer to people could be a good idea though :)
 

ahauser

Well-known member
Feb 22, 2019
213
55
Hi @ramriot,

while what you state above is correct and the conclusions you draw are certainly factually valid, to me it feels like going just a little too far in terms of paranoia. Pulling through with your thought experiment, NO operation which requires the use of the rescue code could be performed on "another device". This includes resetting your password, rekeying and unlocking your account.

If you're using LastPass, you also have to enter your super-secret master password into every device you want to use LastPass on. If that device is compromised, well, there goes your security...

We HAVE to find a compromise between security and usability somewhere. After all, we don't want to end up with only developers and tech enthusiasts using SQRL.
 

ahauser

Well-known member
Feb 22, 2019
213
55
I agree that making it clearer to people could be a good idea though :)
Most people won't read our explanations anyway. I have a feeling that another wall of text explaining another security consideration is the last thing SQRL needs at the moment.
 

ramriot

Well-known member
May 24, 2018
127
14
Most people won't read our explanations anyway. I have a feeling that another wall of text explaining another security consideration is the last thing SQRL needs at the moment.
I agree too, this is why I would opt for separating the two export options & only making the more secure (though Steve labels it as less secure) dual key export mode easily available while only making the other only available directly in the steps immediately following identity creation & then hide it under an 'Expert Mode' radio button or similar later.
 
Status
Not open for further replies.