tomb

the crypto undertaker
git clone git://parazyd.org/tomb.git

commit ba39aef6738f8a1c6ce9ba817cbd99c59eb7a6b0
parent 0e141abf5746635a128aac4b170f8ebddd68d894
Author: Jaromil <jaromil@dyne.org>
Date:   Sun, 23 Nov 2014 15:31:14 +0100

considerations on password bruteforce vulnerability on steghide

Diffstat:
M KNOWN_BUGS.md | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+), 0 deletions(-)

diff --git a/KNOWN_BUGS.md b/KNOWN_BUGS.md @@ -1,3 +1,28 @@ +# Vulnerability to password bruteforcing +## Issue affecting keys used in steganography + + An important part of Tomb's security model is to *make it hard for + attackers to enter in possession of both key and data storage*: once + that happens, bruteforcing the password can be relatively easy. + + Protection from bruteforcing is provided by the KDF module that can + be optionally compiled in `extras/kdf-keys` and installed. + + If a key is buried in an image and then the image is stolen, the KDF + protection does not works because *attackers can bruteforce easily + using steghide dictionary attacks*: once found the password is the + same for the steg crypto and the key crypto. + + Users should keep in mind these issues when planning their encryption + scheme and, when relying on steganography, keep the image always + mixed in the same folder with many more images since that will be the + multiplier making it slightly harder to bruteforce their password. + + In most cases consider that *password bruteforce is a feasible attack + vector on keys*. If there are doubts about a key being compromised is + a good practice to change it using the `setkey` command on a secure + machine, possibly while off-line or in single user mode. + # Versioning and stdin key ## 1.5
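Review bot: the third paragraph of the hunk says the KDF protection "does not works" when a buried image is stolen, but it never says why steghide sidesteps it; spell out that the attacker tests candidate passwords against steghide's own cheap check rather than against the KDF, so the KDF's iteration cost is never paid, and the password recovered that way is then reused directly on the key. While there, fix "does not works" to "does not work", "enter in possession" to "come into possession", add the comma in "once found, the password is the same", and in the last paragraph change "is a good practice" to "it is a good practice". The mitigation in the fourth paragraph (keeping the image mixed among many others) only multiplies the attacker's work by the number of candidate images, a small linear factor that the text itself calls "slightly harder"; consider saying plainly that it is not a substitute for a strong passphrase or for keeping the image out of an attacker's hands, so readers do not treat it as real protection.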