[BBLISA] Reusing Passwords on Different Sites Should be OK
Josh Smift
irilyth at infersys.com
Thu Sep 17 16:25:41 EDT 2015
I feel like the phrase "reusing passwords on different sites" is a little
misleading, because the whole point here is that you don't *ever* send
"your password" to *any* site, right?
It's more like "using the same passphrase on your SSH private key for
different sites", because the passphrase never leaves your local device.
I also think the "should be OK" phrase is confusing: I first thought that
you meant it in the sense of "should be considered OK", as in if someone
did this right now today given the current state of things, we should
consider that to be OK, and not a problem. I think what you actually mean
is "doing this is not currently OK, and we should change the state of
things so that doing it is OK", right?
I do think the general principle of "you should never have to send
reusable credentials to anyone" is a good one. I haven't looked at your
specific solution closely enough to compare it to other similar ways of
doing this.
I'm didn't entirely understand the complaint about using asymmetric
cryptography to solve this problem. You say "asymmetric keys are simply
too large for a human to memorize or type in"; that's true, and is why
asymmetric keys are usually stored as files, themselves encrypted with a
passphrase, and you never send that passphrase to anyone.
You say "CBCrypt deterministically generates a public/private keypair
unique to each specific user, on a specific server, using a specific
password. Any variation of any of these factors results in an entirely
different and unrelated keypair." which makes sense, but it's not clear
why having a separate keypair for each server is better than having a
single keypair for all servers. If someone comes up with a way to derive
your private key from your public key, I suppose having thousands of
separate public keys would limit the scope of the damage; if that's what
you have in mind, it might be worth saying that there. (In which case the
value that your solution adds is "management of thousands of keypairs",
which is a pretty big hassle to do manually.)
-Josh (irilyth at infersys.com)
More information about the bblisa
mailing list