Let me see if I understand how PAKE works

Calion
Community Member
edited October 2019 in Lounge

I feel that the documentation on how 1P client and server communicate without ever sharing either the Master Password or the Secret Key (password-authenticated key exchange—PAKE) is not very clear. Reading the White Paper (which is also not that clear on this point, at least so far), I think I begin to understand. Please tell me if I've got it right, or at least if I've got it something analogous to right. (I'm aware that this is a simplified version, and that there are several more calculations and operations going on than I've listed—not all of which I understand.)

  1. The 1P client has the Master Password, the Secret Key, and the data file.
  2. On setup, the client transmits a verifier, created by mathematically combining the Master Password and the Secret Key (and some other things), to the server.
  3. The client also transmits the data file to the server over a secure (TLS) connection (i.e. TLS is the only thing preventing a snooper from obtaining the file itself).
  4. On the next session, the client wishes to sync changes with the server.
  5. The server now has the data file and the verifier, which is something like a hash of the Master Password and the Secret Key combined.
  6. To authenticate, the client and server agree on a random number (no word on how that happens).
  7. Both perform some calculation using the verifier and the single-session random number.
  8. Both send the result of this calculation back to each other. The use of the shared random number ensures that no one can just send this answer to the server (or client, for that matter) in a future session and get access to my data.
  9. If the answers match, the "doors" open, and sync is allowed to happen. This "answer" is used to encrypt the entire resulting session.
  10. If I decide to use 1Password on a new device, I need both my Secret Key and my Master Password in order to sign in to 1Password.com and download the data file.

The only problem with all of this is that I've seen repeatedly that AgileBits definitely does not have my Secret Key anywhere—except that I can view my Secret Key on 1Password.com! So…huh??

All of this could be a lot clearer for tech-savvy people who are not cryptography experts (like me). A lot of this is guesses based on things I've read on this site that sort of imply that this is what's going on, without stating so outright.



Comments

  • AGAlumB
    1Password Alumni

    @Jim A Syler: I'd encourage you to finish reading the security white paper in its entirety first, at least once, as it makes much more sense in context. But also, re-reading it, you'll make connections that you may have missed the first time around as a result of having a better sense of the big picture. It's pretty explicit, rather than just implying things, so you will not need to "guess" or draw your own conclusions as much.

    That said, I think this is the key (no pun intended) for you, as it often is for others:

    The only problem with all of this is that I've seen repeatedly that AgileBits definitely does not have my Secret Key anywhere—except that I can view my Secret Key on 1Password.com! So…huh??

    That is correct. As you'll see in the security white paper, what you think of as "1Password.com" is an app running locally in your web browser. It isn't running on the server, but on your machine. When you go to the website, it loads the app to run in your browser, and then that is the 1Password "client" communicating with the server. Your account credentials are not sent to the server, but rather SRP (Secure Remote Password) is used to prove that you know them without them being transmitted, so that the server then sends your encrypted data to the "client", which in turn is decrypted locally using your Master Password and Secret Key.

    You're right that it is fairly technical, but that's unavoidable to an extent because of the cryptography and security architecture necessary for this to work. It does make more sense over time as things "click" and you make connections, so it's great that you're checking it out. None of us could handle computers at all if we were suddenly presented with one, having not used one before. But somehow we figure this stuff out. Knowledge builds upon knowledge, so it's just one step at a time. :)
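The SRP exchange the reply refers to, as an added example that is not part of the original thread and is not 1Password's code: a simplified SRP-6a run in Python with both sides simulated in one function. It assumes the RFC 5054 1024-bit group, SHA-256, and a hypothetical `derive_x` (PBKDF2 over a constructed password and Secret Key) standing in for the real key derivation.

```python
import hashlib
import hmac
import secrets

# 1024-bit group from RFC 5054 Appendix A (g = 2); chosen for brevity.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
W = 128  # byte width of N, used to pad integers before hashing

def H(*parts: int) -> int:
    data = b"".join(p.to_bytes(W, "big") for p in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

k = H(N, g)  # SRP-6a multiplier

def derive_x(password: str, secret_key: str, salt: bytes) -> int:
    # Assumption: PBKDF2 stands in for the real two-secret key derivation.
    secret = (secret_key + ":" + password).encode()
    return int.from_bytes(hashlib.pbkdf2_hmac("sha256", secret, salt, 100_000), "big")

def enroll(password: str, secret_key: str):
    """Signup, run on the client: only (salt, verifier) goes to the server."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, derive_x(password, secret_key, salt), N)

def login(password: str, secret_key: str, salt: bytes, verifier: int):
    """Simulate one login; returns (proof_accepted, client_key, server_key)."""
    a = secrets.randbelow(N - 2) + 1          # client's ephemeral secret
    A = pow(g, a, N)                          # client -> server
    b = secrets.randbelow(N - 2) + 1          # server's ephemeral secret
    B = (k * verifier + pow(g, b, N)) % N     # server -> client, with salt
    if A % N == 0 or B % N == 0:
        raise ValueError("invalid public value")  # required SRP check
    u = H(A, B)                               # public scrambling value
    # Client: recomputes x from what the user typed.
    x = derive_x(password, secret_key, salt)
    s_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    # Server: uses only the stored verifier.
    s_server = pow(A * pow(verifier, u, N) % N, b, N)
    k_client = hashlib.sha256(s_client.to_bytes(W, "big")).digest()
    k_server = hashlib.sha256(s_server.to_bytes(W, "big")).digest()
    transcript = A.to_bytes(W, "big") + B.to_bytes(W, "big")
    proof = hmac.new(k_client, transcript, hashlib.sha256).digest()     # client -> server
    expected = hmac.new(k_server, transcript, hashlib.sha256).digest()  # server's own value
    return hmac.compare_digest(proof, expected), k_client, k_server
```

The server half of `login` uses only `verifier`, never `password` or `secret_key`. Each side picks its own random value per session, and only `A`, `B`, the salt and the proof would cross the wire.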

This discussion has been closed.