KeePass is an open source password manager. It is a PC application storing your credentials and secrets in an encrypted. I have used it for some time now and I am happy with it. I started to use it with my database on a memory stick, to have it anywhere I go. This, however, is not a fine way of working, because I tend to forget my memory stick. So I wondered if I could use my KeePass database in a self-hosted, web-based application. I did some searching around and found KeeWeb to be most applicable.

KeeWeb comes as a desktop application as well as a web application. The latter seems to be about what I want. However, I like to be in control and host the application myself. I finally succeeded in getting it working with my KeePass database on Microsoft OneDrive and on Dropbox. There are two sites I would like to mention that provide a howto:

- Host Your Own Multi-User Password Manager with KeeWeb and WebDAV.
- Dropbox and GDrive, which also explains Microsoft OneDrive.

Why then, this blog as a third howto? Well, following both links still gave me some headaches. Therefore I report my findings.

Cyber security

First a word about security. I did some analysis to get an indication of whether accessing your personal secrets from a web application and storing them in the cloud is a sensible thing to do.

KeePass database encryption

First of course there is the KeePass database. kdbx file format I get a good impression about the security of the application. In order to get some hands-on experience, I wrote a decryption program, which you can find on my GitHub. The program decrypts and decodes KeePass test databases protected with a master password into their XML content. I even tested the security by writing a small brute-force algorithm.

The kdbx format comes in two versions: 3.x and 4. In version 3, AES/CBC with PKCS5 padding is used for (symmetric) encryption of the database. This is an encryption that has not been cracked and is regarded as safe against brute-force attacks. The CBC variant, using an Initialization Vector (IV), is regarded as best practice over ECB. In version 4, ChaCha20 has been added as an alternative streaming encryption. This seems to be a pretty strong algorithm.

Figure: The process of decrypting a KeePass database (.kdbx version 3.1).

In version 3.x, the symmetric master key used to AES-encrypt and decrypt the database is generated in a complex way from the master password or key file provided by the user (the key transformation process, or Key Derivation Function, KDF).
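The format version, the cipher (AES/CBC or ChaCha20) and the AES key-transformation round count sit in the unencrypted header of a .kdbx file, so they can be checked without the master password. The sketch below is an added example, not the decryption program this post refers to; the signatures, field ids and cipher UUIDs are those of the KDBX format as written by KeePass (they are not given on this page), and `inspect_kdbx_header`, `tlv` and `SAMPLE_31` are hypothetical names.

```python
import struct

SIG1, SIG2 = 0x9AA2D903, 0xB54BFB67  # KDBX file signatures (little-endian uint32)
CIPHERS = {"31c1f2e6bf714350be5805216afc5aff": "AES-256-CBC",
           "d6038a2b8b6f4cb5a524339a31dbb59a": "ChaCha20"}
F_END, F_CIPHER, F_ROUNDS, F_IV, F_KDF = 0, 2, 6, 7, 11  # header field ids


def inspect_kdbx_header(data: bytes) -> dict:
    """Read cipher and KDF settings from the plaintext header of a .kdbx file."""
    if len(data) < 12:
        raise ValueError("too short for a KDBX header")
    sig1, sig2, minor, major = struct.unpack_from("<IIHH", data, 0)
    if (sig1, sig2) != (SIG1, SIG2) or major not in (3, 4):
        raise ValueError("not a KDBX 3.x/4 file")
    # Each field: 1-byte id, length (uint16 in 3.x, uint32 in 4), then the value
    len_fmt, len_size = ("<H", 2) if major == 3 else ("<I", 4)
    info, pos = {"version": f"{major}.{minor}"}, 12
    while pos + 1 + len_size <= len(data):
        fid = data[pos]
        (flen,) = struct.unpack_from(len_fmt, data, pos + 1)
        start = pos + 1 + len_size
        value, pos = data[start:start + flen], start + flen
        if pos > len(data):
            break  # declared length runs past the end of the data
        if fid == F_END:
            return info
        if fid == F_CIPHER:
            info["cipher"] = CIPHERS.get(value.hex(), "unknown:" + value.hex())
        elif fid == F_ROUNDS and flen == 8:
            info["aes_kdf_rounds"] = struct.unpack("<Q", value)[0]  # 3.x only
        elif fid == F_IV:
            info["iv_len"] = flen  # 16 bytes for AES-CBC, 12 for ChaCha20
        elif fid == F_KDF:
            info["kdf_params_len"] = flen  # KDBX 4 keeps its KDF settings here
    raise ValueError("truncated header")


def tlv(fid: int, value: bytes) -> bytes:  # encode one KDBX 3.x header field
    return bytes([fid]) + struct.pack("<H", len(value)) + value


# Constructed sample header (not from a real database): KDBX 3.1, AES, 6000 rounds
SAMPLE_31 = (struct.pack("<IIHH", SIG1, SIG2, 1, 3) + tlv(F_IV, bytes(16))
             + tlv(F_CIPHER, bytes.fromhex("31c1f2e6bf714350be5805216afc5aff"))
             + tlv(F_ROUNDS, struct.pack("<Q", 6000)) + tlv(F_END, b"\r\n\r\n"))

if __name__ == "__main__":
    print(inspect_kdbx_header(SAMPLE_31))
```

Passing the first few hundred bytes of your own database file to `inspect_kdbx_header` shows which cipher and, for 3.x files, how many key-transformation rounds protect it.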