Consider OnlyKey hardware password manager #489
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#489
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
OnlyKey is an open source hardware password manager that stores passwords offline. It would be a great addition to the https://www.privacytools.io/#pw list. It was recently on the complete privacy and security podcast -
https://soundcloud.com/user-98066669/078-onlykey-by-cryptotrust
It has other privacy features like plausible deniability and self destruct
https://onlykey.io
I was recently notified about thisd section in your documentation:https://docs.crp.to/usersguide.html#secure-encrypted-backup-anywhere
Do I understand correctly understand that keys are also exported into the backup from the keystore?
So I looked into your documentation for a little more insight in how you do things and there are various things that jumped at me in your documentation.
Starting from questionable statements like:
I just hope you can correct that to a working that says "that is hard to crack by an attacker" instead of "cannot be cracked by an attack". I assume there was just some marketing person writing :)
To statements that make me worried:
From a hardware store for secrets I would expect that it never allows to read secrets again. No matter if it was physically obtained by a third-party or not. That's basically the main purpose to have those. This sounds like a design flaw to me.
Which brings us to the heart of my concerns:
When I get that correct the maximum PIN length is 10 numbers, feel free to correct me if I'm wrong since I couldn't find any better resource that stated the maximum PIN length in the docs.
Together with this statement it means we get 6¹⁰ (60'466'176) possible PINs. That are actually 60 times more than possible on a regular OpenPGP smartcard. At least when it comes to the PIN people use to authenticate. Since those are 6 digits. On the other hand the AdminPIN for OpenPGP smartcards allows 8 digits and therefore allows 10⁸ (100'000'000).
But all this is just weird talking since actually smartcards and the OnlyKey are not really comparable.
Starting with this statement in the docs:
This along with the statement how you keep things save:
And finally revealing itself by looking at the international traveling "feature":
All in all it seems like you store all data encrypted on a more or less regular flash memory. That is protected by having it's data encrypted with a 7-10 digit PIN that is (hopefully) fed into a KDF along with a random number (which I assume is stored on the OnlyKey) to generate the decryption key.
While this all sounds safe and due to the separate hardware fine for a threat profile where an attacker never gets physical access to the key itself, it sounds to me like one could just take the key apart, desolder the flash memory out or use a similar way to read it separated from the key. And therefore create an image of it that can be decrypted separately without the 10 times restriction the key imposes.
This is prevented by smartcards by using hardware-temper proven chips like TPMs (yes, they don't work 100% but have a way better protection than regular flash memory). But I couldn't find any information about that in the OnlyKey docs.
Feel free to proof me wrong on all of this, I would really welcome it, since more good security keys on the market are a good sign, but for now, I'm very far from being impressed by this key :/
@SISheogorath We posted this to privacy tools because people are looking for real solutions for privacy and security, I see a lot of criticism in your post but there were no alternatives mentioned. Its kind of like you are saying here, 2-factor authentication isn't perfect so I just won't use it. There are trade offs to every solution out there but clearly keeping your private keys offline has much less risk that storing your private keys online, on your computer and on the cloud. For example, one of the privacy tools recommended here is Keybase, which is great but if you are using this your private key is stored with Keybase and if someone hacks your account through something like a weak password, they can get your private key. With OnlyKey your private key is offline, and it's easy to use with Keybase. You can send an encrypted message using a new app we are working on here:
https://apps.crp.to/dev-new/encrypt-dev.html?type=e&recipients=tws
The message can then be decrypted with a private key that never touches the computer. Now you have to admit that this is much more secure than just using Keybase with your key stored in the cloud and on the computer.
This should be changed to "random 58 character passwords that cannot be cracked by an attacker"
You have to admit it is impossible currently to crack a random 32 or 58 character password.
We do allow encrypted backups, you can disable this feature if you like but it is something that is necessary for a real solution. Backups require a person's PIN, the device, and physical presence to initiate. Restores require the private key. This was an intentional feature, for lots of people the risk of losing all of your accounts stored on your key is a much bigger risk than the risks you mention.
I am not sure what you are saying here, you can set a 7-10 digit PIN, you have 10 failed PIN attempts before device is wiped.
Terms like secure element is a marketing term. What it means is that the chip is being marketed to manufacturers of security devices. It doesn't actually mean its secure, but it does mean its proprietary and closed source so you probably won't know it has a flaw unless something like this happens - https://crocs.fi.muni.cz/public/papers/rsa_ccs17
The OnlyKey does not use a chip that is marketed as a secure element but it does have hardware security features. Clearly you cannot desolder and extract the flash memory from OnlyKey - https://docs.crp.to/security.html
So what would you recommend people use for things like password management?
I would like to quickly step in to combat one key point: of course it is OK to criticize even if you have no other/better solution. That post asks a lot of hard questions about the security of your device. This is the only sane thing to do when it comes to security. Especially when an endorsement is on the table.
To illustrate: I can't solve clothing manufacturing, not by a long shot. But I most certainly can point out that child labour is the wrong way to go about it.
Back to the topic at hand:
At the very least this may be crucial info that might be important for users to make an informed decision. Would you rather have a blanket endorsement that basically means "we didn't fully understand it, but you're probably safe. Trust them."?
A alternative to OnlyKey would be Nitrokey - Github site
@beerisgood Sure, that's an option they both do quite different things though - https://support.nitrokey.com/t/nitrokey-vs-onlykey/638