Are my passwords safe?

how's the decrypted data checked for validity?
by checking that each character is not a garbage value, as in not a non-keyboard character?

Last edited by adityagautam (2009-05-25 12:32:16)

all of the info is stored in JSON format (iirc) so it's basically determined by whether or not our JSON library can load it.

mike wrote:

all of the info is stored in JSON format (iirc) so it's basically determined by whether or not our JSON library can load it.

in a simpler tongue, this means_____________________________ ??

it's like when you go to a web page, your browser is expecting something like:

<html><head><title>my AWESOME webpage</title></head><body><img="construction.gif"><blink><b>under construction!</b></blink>
<font size=2>made with notepad!</font></html>

but if it got

?w???**LS?S?+n?^???A?#??L???'e1??w*?K?-rR???ksUJ?O<??*?\???kd?l?
???F??[?R?)9??@R*??p|'4??|????r??8
+

instead, then it wouldn't be able to display the page.

likewise, if we're expecting some data like:
 

{"name" : "digsby",
"password" : "?\xb3w8\xd5z\xfc\xb6\xab)\x8e\xe5\x0f\x12\x12\xb7\"\xc9\x1aY\x8frd}5Hm\xb8aW:\x8e"
"protocol" : "aim",
"autologin" : 0}

but get

o"|E?fno,lH??c????[???}??A,??5?H??(?2?J???Z????L(#`???Y=C}UV?L?
?I?

it's clearly not the right data.

edit: hm, i just noticed it replaced all the cool control characters with question marks. lame.

Last edited by mike (2009-05-25 12:55:20)

okay... so the mechanism is like, if the input structure is kind of like what its expecting, then it assumes that the password is authentic. that's kind of like you are bypassing the whole authentication mechanism, yet you are being authenticated (in an indirect manner) all the same. Cool!

btw the code that you have provided, i don't know if its similar to the one that digsby uses, or a simplified version, but either way, while fields like name and protocol are in plain text, the password is really weird.... why's that? i mean when you are on the brink of login, this data is for the login, then why still use encryption?

Last edited by adityagautam (2009-05-26 13:12:09)

the local cache isn't encrypted with the same key as the password (which is encrypted as discussed above). the key for the local cache is created from not only your password, but also some bits of data specific to your windows installation, so the cache file can't be copied by someone else and moved to another computer (in order for an attacker to successfully log in to your digsby account with that file they'd most likely have to clone your windows partition).

mike wrote:

the local cache isn't encrypted with the same key as the password (which is encrypted as discussed above). the key for the local cache is created from not only your password, but also some bits of data specific to your windows installation, so the cache file can't be copied by someone else and moved to another computer (in order for an attacker to successfully log in to your digsby account with that file they'd most likely have to clone your windows partition).

this was in reply to the former part of my last post or the latter part?

This is what i get from your explanations in the the last few posts:

The account login information that is stored in the local cache is encrypted using some sort of a composite key (as is the login information sent by the digsby server in normal login) - the unique part of which is the user's digsby account password.

in case of login in local mode, the other part of the key is derived from data specific to the system the file is on.

beyond this layer of encryption, the password is still in an unintelligible form, that gets translated into its raw form only after it is loaded (for use) in the digsby client.

so,

* If an attacker transfers the file(s) to his computer, he cannot derive any information from it, 'coz beyond the digsby password, some data specific to the system the file was originaly on is reqired; and

* Even if the attacker penetrates through this layer of encryption, not all is lost, as the attacker can't get his hands on the account passwords by messing around with this (or these) file(s), since even beyond this encrption layer, the passwords still aren't available in their raw form.

although for either fo these, the digsby password should be known to the attacker.

Okay, in this, chris said:

chris wrote:

try making your shortcut for digsby with "--no-log".

Now, I didn't exactly get what he meant, so I googled it. The fourth hit claims that This particlular s/w can actually recover lost Digsby passwords. Now I was kind of wondering how i could do that, when even the folks at Digsby themselves couldn't help you with that.

On a lighter note, you see that Digsby's gotten so popular and gone so mainstream that you actually got programs coming up that help you crack your way through Digsby.
On a more serious note, this just may may prove to be a security hazard.

Now going by the extensive discussions between the Digsby devs (more particularly mike, though chris chimed in often), and between the lame, dumb man (namely, me), I have a hunch this s/w might be malware offering this exaggeration as a luring bait, and I use an ancient machine on the brink of collapse, so I would dare not risk crashing my comp (formating my comp approximately a hundred times last year-no exaggeration or kidding-has been more experience than i ever wanted in the first place.)

Now I am not exactly sure from where the s/w takes over, so I can't be sure, but could one of the braver guys around try to figure out how exactly does this work, if at all it does so?

Last edited by adityagautam (2010-01-21 15:19:48)

I bet you all that program retrieves is your Digsby password. Same as http://nirsoft.net/utils/mspass.html does. This, of course, only works if you have told Digsby to remember your login details.

And in an attempt to explain things to you.

The account information stored on the Digsby server is encrypted using your Digsby password as the key. This means that it can only be decrypted by someone knowing both your password and the encryption method Digsby uses. Even the Digsby staff cannot read your account details as your password is also stored in an encrypted form. I would suspect your password is stored as a unreversible hash.

The details stored in the local cache on your computer are also encrypted but they are encrypted in a slightly heavier way in that they also use such things as your windows serial number as the key to prevent anyone who manages to get hold of a copy being able to read it on a different machine.

Digsby is secure unlike Pidgin which stores your details in plain text for all to read. the other other messenger that works in a similar fashion to Digsby is Trillian and I would say both are as secure as each other.

BTW are you refering to Digsby as the possible malware? I hope not because that would be a pretty stupid thing to say about any software that has been in development for over a year and available to the public for dissection.

adityagautam wrote:

Now I was kind of wondering how i could do that, when even the folks at Digsby themselves couldn't help you with that.

On a lighter note, you see that Digsby's gotten so popular and gone so mainstream that you actually got programs coming up that help you crack your way through Digsby.
On a more serious note, this just may may prove to be a security hazard.

Assuming they're not just saying that they can get the data from memory or from the text field while digsby is running... (which I'm not sure there is a good way to protect against).

carbonize wrote:

The details stored in the local cache on your computer are also encrypted but they are encrypted in a slightly heavier way in that they also use such things as your windows serial number as the key to prevent anyone who manages to get hold of a copy being able to read it on a different machine.

I'd bet that if you don't have digsby saving your digsby password, this software can't do anything.

For digsby to be able to "save" your password on the local machine, there's no useful way to encrypt it without using another key.  In this context, "password" is just another name for "key", so, you need a "password" (key) protecting your (digsby) "password".  For this (key), we use machine details.  These details, combined with knowledge of the encryption method, are enough to decrypt the password.

Now, it would be foolish to assume our encryption method was known only to digsby.  The protection comes from the key.  Since this key is available to any software running on the machine, and since they may have figured out the encryption method, that means any software running on that machine would theoretically be able to retrieve the password.

If you want to be safe from such an "attack", DON'T click "save password"

Well, so all that the software does is that it reveals the hidden password... Lame! I thought that, but then I thought that it particularly password retrieval so I thought it could be malware, since I very well know how Digsby's security system works.

chris wrote:

Now, it would be foolish to assume our encryption method was known only to digsby.  The protection comes from the key.  Since this key is available to any software running on the machine, and since they may have figured out the encryption method, that means any software running on that machine would theoretically be able to retrieve the password.

If you want to be safe from such an "attack", DON'T click "save password"

Well, its more than obvious that the weak link in the entire system, prone to this particular type of "attack", in double quotes as chris put it, is checking the save password box.
that said, now once a person's Digsby password is revealed, that's a major loss, a hige loss, but that still is once step away from everything being lost: your actual account passwords (as long as they're different from your Digsby password!).
Now, once a person's Digsby password is known, as chris has mentioned above, the "attacker" can get hold of your account passwords. At the moment, they literally mean the same as possessing the knowledge of the the Digsby password, as that will ultimately lead him to you individual account passwords, which are stored encrypted in your local cache, encrypted using your Digsby password and Windows' serial.
Now pay attention to the snippets quoted by chris that I have bold-faced. They're the ones involving the attacker having knowledge of the encryption method, which in this case is the weak link. But that can be resolved pretty easily, and apparently, the solution lies in this very topic: if you see mike and my discussion above, you'll find a mention of Kerckhoff's principle. In the present context, rather than directly using the user's Digsby password and his Windows installation serial, why not use keyed hashes of these, the key being something irretrievable, like for instance, some random string that strikes the devs, to start with?  Maybe two different keys for the Digsby password and the Windows serial? That way to encrypt and decrypt the account passwords, the Digsby password and the serial would need to be hashed, and despite having knowledge of the Digsby password and the Windows serial, no user could actually work his way to the actual account passwords, coz the hashed forms the Digsby password and the serial is used, and the key to these hashing algorithms is not known to the attacker. that would add an extra layer of security, and that probably could make a difference, no?

carbonize wrote:

they are encrypted in a slightly heavier way in that they also use such things as your windows serial number as the key to prevent anyone who manages to get hold of a copy being able to read it on a different machine.

Oh, then the serial part doesn't really play a role for me. If I got hold of somebody's Disby password, I wouldn't really try to decrypt all other passwords of the person on his machine from his local cache; all I would need to do I is log into his Digsby account on my computer. That would get the person's password stored encrypted on my system's local cache, using my serial key and the password, both which I have. So you see if at all this is how the whole serial thingy works, it doesn't really introduce any new unsurpassable layer of security.

carbonize wrote:

BTW are you refering to Digsby as the possible malware?

No, no, no, no, no! I am and have been a loyal Digsby user from almost the start. And even when the malware claims were at their peak, I never really considered them malware, at most optional add-ons. Here, I was refering to the retrieval software as possible malware.

I am yet another one of those long-time Digsby fan and user, as loyal as you possibly are-ask the devs if you want!

Humph. Should see the argument I am having on the Avast forums with some idiot whos' only argument is Digsby is bad and he just keeps reposting links and images form Lifehacker etc but refuses to tell me what malware Digsby comes with now.

ha ha! i know exactly what you mean! I've had some pretty ugly arguments myself, on these very forums!

adityagautam wrote:

the solution lies in this very topic: if you see mike and my discussion above, you'll find a mention of Kerckhoff's principle. In the present context, rather than directly using the user's Digsby password and his Windows installation serial, why not use keyed hashes of these, the key being something irretrievable, like for instance, some random string that strikes the devs, to start with?  Maybe two different keys for the Digsby password and the Windows serial?

The problem with this, of course, is that the keys have to come from somewhere. If the attacker has figured out what machine-specific data is being used, then basically that means any data that is shipped with the program is compromised (i.e. accessible to the attacker). So you can't put hash-keys in the program data. We can't put them on the web, because they'd have to be publically accessible (i.e. they would be inherently compromised).

Perhaps it's best that I explain the logic behind the current scheme for the encryption of the Digsby password when being stored on disk.

We didn't want it to be plain text on disk (see also: pidgin).

However, if a simple cipher or simple encryption is performed on the data for EVERY Digsby client, an attacker just has to get that file and then they can install Digsby on their own machine, and let the app decrypt your cached password. Unfortunately, this is the way Digsby worked for quite a long time.

Once we realized this flaw we changed the key to be machine specific. Basically the goal here is to just make it so someone can't steal your cache file and then drop it on another machine and get access to your account. Now if they want to steal your cache file they'd also need to steal the appropriate machine specific information and re-implement the decryption process themselves (as the Digsby client can't be configured to use a different set of machine data; at least not in any way that I've imagined). This is clearly NOT impossible, however I'd like to think that the barrier to entry is high enough to dissuade most attackers. That leaves us with this:

chris wrote:

If you want to be safe from such an "attack", DON'T click "save password"

In other news, the only way to be 100% safe from the dangers of the Internet is to remove the NIC from your computer.

mike wrote:

Now if they want to steal your cache file they'd also need to steal the appropriate machine specific information and re-implement the decryption process themselves (as the Digsby client can't be configured to use a different set of machine data; at least not in any way that I've imagined). This is clearly NOT impossible, however I'd like to think that the barrier to entry is high enough to dissuade most attackers. That leaves us with this:

There are generally far easier ways to gain access to someones IM accounts or social website accounts. eg last i checked i dont think facebook even used encryption to login.

There is no such thing as a 100% secure system but digsby is dam close and could not get much closer.

I study maths at uni and have done a few units at uni based on the maths of cyprosystems so have an idea what im talking about.


OOC: Mike/Steve you should publish a crypto book your descriptions are far better then any text on the relative areas you where talking about i have seen.

seanet1310 wrote:

OOC: Mike/Steve you should publish a crypto book your descriptions are far better then any text on the relative areas you where talking about i have seen.

I double that.

Last edited by adityagautam (2010-03-31 04:57:59)

Put symbols, numbers, and caps in your password. Make it as long as the host allows.

Hello. Has the system been changed to avoid the points raised here?

http://securityxploded.com/digsbypasswordsecrets.php