How does account recovery work when you don't have access to encrypted data

Hi,
I'm currently looking into 1Password for Families and I like the account recovery features. But I'm wondering: how does it work when you don't have access to the encrypted data? I mean you can even recover the secret key and the master password and the user has access to his data like he had before. How is that possible? (Don't say Black Magic pls)

And how can you place an item inside the vault of a newly created user that contains both the master password and the secret key? Is that all done locally?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • DanielP

    Team Member
    edited February 2018

    Hi @Manaburner

    That's a great question! The technical summary of how this can work is this: every group in 1Password, including the Recovery Group, holds some encryption keys or, more correctly, a public/private key pair. At the same time, every vault has a vault key. We encrypt the vault key with the Recovery Group's public key, so the members of the recovery group can decrypt it with the group's corresponding private key (note that this does not mean being able to access a vault's content, this is something that is enforced by permissions on the server).

    Indeed, when you perform recovery, what you are decrypting is the vault key, not any user's public/private key pair or any encrypted data. In addition to this, any member of the Recovery Group will only come close to the vault keys during recovery, i.e. when requested by a user who lost access to their account.

    During recovery, the user who needs recovery (let's call her Alice) will generate a new public/private key pair. A member of the recovery group will decrypt the vault key with the Recovery Group's private key, encrypt it with Alice's new public key and send it over to the server, which will then send it again to Alice. This way, Alice can access her vault once again without the member of the Recovery Group being able to access any data (notice that the encrypted blob is never seen by the recovery person).

    During this process, new encryption keys, secret key and master password are created, so you are not recovering the previous secret key and master password.

    If you want to find out more technical details about this, the chapter Restoring a User’s Access to a Vault in our Security White Paper also has a diagram.

    And how can you place an item inside the vault of a newly created user that contains both the master password and the secret key? Is that all done locally?

    That's correct, it's done locally. Those items are first created, then encrypted, locally before being stored on the server. We added this for convenience to lower the risk of misplacing login information right after creating an account, which is something that happened so surprisingly often that we felt adding something like this could help.

    And of course, if you have any questions, just shoot ;)
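
    As an added illustration of the flow Daniel describes above (example code written for this thread, not 1Password's own implementation), the following Go program wraps a random vault key to a Recovery Group key pair, has a group member re-wrap it to Alice's freshly generated key pair, and lets Alice open a sealed item again with the unwrapped key. RSA-OAEP and AES-256-GCM, the OAEP label, the function names (`wrapKey`, `RecoverVaultKey`, `RunRecovery`) and the sample item are all assumptions made for this example; 1Password's actual primitives are documented in its Security White Paper.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// OAEP label bound into every wrapped vault key (constructed for this example).
var wrapLabel = []byte("vault-key-v1")

// must keeps the demo flow readable; the constructed data never fails.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newKeyPair generates one party's public/private key pair.
func newKeyPair() *rsa.PrivateKey { return must(rsa.GenerateKey(rand.Reader, 2048)) }

// wrapKey encrypts the symmetric vault key to one party's public key.
func wrapKey(pub *rsa.PublicKey, vaultKey []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, vaultKey, wrapLabel)
}

// unwrapKey recovers the vault key with the matching private key.
func unwrapKey(priv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, priv, wrapped, wrapLabel)
}

// sealItem encrypts one vault item under the vault key with AES-256-GCM and
// prepends the nonce. Only a vault-key holder can produce or open these.
func sealItem(vaultKey, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(vaultKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// openItem reverses sealItem; a wrong vault key fails authentication.
func openItem(vaultKey, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(vaultKey)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("sealed item too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil)
}

// RecoverVaultKey is the Recovery Group member's only step: unwrap the vault
// key with the group's private key and re-wrap it to the user's new public
// key. The member handles a 32-byte key, never the sealed items.
func RecoverVaultKey(groupPriv *rsa.PrivateKey, wrappedForGroup []byte, newUserPub *rsa.PublicKey) ([]byte, error) {
	vaultKey, err := unwrapKey(groupPriv, wrappedForGroup)
	if err != nil {
		return nil, err
	}
	return wrapKey(newUserPub, vaultKey)
}

// RunRecovery plays the whole flow through with constructed data and returns
// the item Alice can read again afterwards.
func RunRecovery() string {
	vaultKey := make([]byte, 32)
	must(rand.Read(vaultKey))
	groupKeys := newKeyPair() // Recovery Group's pair
	// Server-side state: the vault key wrapped for the group (and, in the same
	// way, for Alice's original pair, omitted here) plus the sealed items.
	wrappedForGroup := must(wrapKey(&groupKeys.PublicKey, vaultKey))
	sealed := must(sealItem(vaultKey, []byte("login: alice@example.com")))
	// Alice has lost her credentials, so her old private key is unusable;
	// she generates a brand-new pair and asks the group for recovery.
	aliceNew := newKeyPair()
	rewrapped := must(RecoverVaultKey(groupKeys, wrappedForGroup, &aliceNew.PublicKey))
	// Alice's side, locally: unwrap with her new private key, then open items.
	recoveredKey := must(unwrapKey(aliceNew, rewrapped))
	return string(must(openItem(recoveredKey, sealed)))
}

func main() {
	fmt.Println("Alice reads after recovery:", RunRecovery())
}
```

    Note that `RecoverVaultKey` takes only the wrapped key and Alice's new public key as input: the sealed item never passes through the group member's hands, which is exactly the property Daniel points out. Whether a group member may also read the vault's contents is, as he says, a server-side permission question, not something the key wrapping decides.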

  • Hi @DanielP
    thank you for your detailed response, I really appreciate it.
    To me it sounds like you're more or less doing the same as GnuPG does, when you encrypt a message with the recipient's public key as well as with your own key so that you are able to read the message after sending it. (This may be over-simplified but helps me understand what you're doing there, if I got that right of course)

    I've read in the White Paper you mentioned this sentence: "Our use of two-secret key derivation (2SKD) increases the risk to data availability as in addition to the possibility of a user forgetting her Master Password there is also the possibility that the Secret Key gets lost."

    Shouldn't this either say "increases data availability" without "risk" or maybe "decreases the risk of data loss"?

  • DanielP

    Team Member

    @Manaburner

    First things first, I have updated my original comment with an additional clarification on secret key and master password during recovery, specifically to say that the old ones are not recovered, and a brand new set of login information and encryption keys will be generated during the recovery process.

    Our use of two-secret key derivation (2SKD) increases the risk to data availability as in addition to the possibility of a user forgetting her Master Password there is also the possibility that the Secret Key gets lost.

    What we mean by this is that there is an additional piece of information that a user needs to access their data, as the master password is not enough to do so. This increases the security of your data, but it also means that there is an additional piece of information that could get lost, thus increasing the risk to lose access. That's why storing a copy of the Emergency Kit in a safe place is so important ;)
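
    To make the availability trade-off concrete, here is an added Go example (not 1Password's code, and a simplified stand-in for its 2SKD rather than the construction in the white paper) that derives one unlock key from both secrets: the Master Password goes through a slow PBKDF2-HMAC-SHA256 stretch because it is human-chosen and guessable, the Secret Key through a single keyed hash because it is random and high-entropy, and the two outputs are XORed. The function names, the salt and the iteration count are assumptions made for this example. The point it demonstrates is the one Daniel makes: supply the wrong value for either input and the result is an unrelated key, so losing the Secret Key loses access just as surely as forgetting the Master Password.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// PBKDF2SHA256 derives a 32-byte key from a password (RFC 8018, one block of
// HMAC-SHA256 output). Written out here so the example has no dependencies.
func PBKDF2SHA256(password, salt []byte, iterations int) []byte {
	mac := hmac.New(sha256.New, password)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // block index 1, big-endian
	u := mac.Sum(nil)
	t := append([]byte(nil), u...)
	for i := 1; i < iterations; i++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range t {
			t[j] ^= u[j]
		}
	}
	return t
}

// DeriveUnlockKey combines the two secrets. Slow derivation for the
// guessable password, fast keyed hash for the random Secret Key, XOR of the
// two so that a wrong or missing value on either side yields an unrelated key.
// Simplified illustration, not 1Password's actual 2SKD construction.
func DeriveUnlockKey(masterPassword, secretKey string, salt []byte, iterations int) []byte {
	fromPassword := PBKDF2SHA256([]byte(masterPassword), salt, iterations)
	kmac := hmac.New(sha256.New, []byte(secretKey))
	kmac.Write(salt)
	fromSecretKey := kmac.Sum(nil)
	out := make([]byte, len(fromPassword))
	for i := range out {
		out[i] = fromPassword[i] ^ fromSecretKey[i]
	}
	return out
}

// CanUnlock reports whether a candidate pair reproduces the key the account's
// keyset was protected with (constant-time comparison).
func CanUnlock(expected []byte, masterPassword, secretKey string, salt []byte, iterations int) bool {
	return hmac.Equal(expected, DeriveUnlockKey(masterPassword, secretKey, salt, iterations))
}

func main() {
	salt := []byte("constructed-account-salt") // constructed sample value
	const iterations = 100000
	key := DeriveUnlockKey("correct horse battery", "A3-EXAMPLE-SECRET-KEY", salt, iterations)
	fmt.Println("unlock key:", hex.EncodeToString(key))
	fmt.Println("both secrets:      ", CanUnlock(key, "correct horse battery", "A3-EXAMPLE-SECRET-KEY", salt, iterations))
	fmt.Println("password only:     ", CanUnlock(key, "correct horse battery", "", salt, iterations))
	fmt.Println("secret key only:   ", CanUnlock(key, "", "A3-EXAMPLE-SECRET-KEY", salt, iterations))
}
```

    Because the Secret Key never needs to be typed from memory, it is the part that lives in the Emergency Kit; the derivation above shows why that kit matters rather than being a mere convenience.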

  • Gotcha. Thank you :)

  • Frank

    Team Member

    Hi @Manaburner - We're two for two today :+1: On behalf of Daniel, you're very welcome and I'm glad to hear the information helped. I hope you enjoy the rest of your day and I look forward to hearing back from you soon. :smile:
