Re: [Taler] Greetings and Question on HSM Keys

From: taler
Subject: Re: [Taler] Greetings and Question on HSM Keys
Date: Wed, 18 Aug 2021 04:41:33 +0200 (CEST)

Hello Dr. Grothoff,

Thanks for responding!

I understand that SHA1 is not the best. Any algorithm from the HMAC-SHA2 series would be a better alternative.

It is true that many consumers may not be willing to purchase a hardware key at the immediate moment. But since GNU Taler is meant to be a system that people entrust to store their money in, it is worth making as soon as possible.

I am currently reading the GNU Taler docs further and will notify the mailing list of any more questions I have.


Tanveer Salim


Aug 17, 2021, 07:42 by grothoff@gnunet.org:

> Hi Tanveer,
> Welcome and thanks for your message!
> I think in principle having support for encrypting the Taler wallet
> database using an HSM under the control of the user is an interesting
> optional feature. One issue of course is that losing the HSM may render
> the remaining funds in the wallet inaccessible, but for that of course
> users could have backups that use a different key recovery strategy,
> like what we are planning with GNU Anastasis (https://anastasis.lu/).
> And even GNU Anastasis could benefit from an HSM-based key recovery option.
> That said, we also think that most ordinary consumers are unlikely to
> purchase an HSM, at least initially, so we really need to keep this
> optional. Also, the existing team members have AFAIK limited experience
> with HSMs, and I strongly suspect accessing an HSM from all supported
> platforms (WebExtension in browsers, Android App, iOS App) is not going
> to be super-easy. But, if someone has time to work on this, I'd be happy
> to see some progress in this domain.
> As for the crypto, I'd recommend not using SHA1 if it can be avoided,
> even if in this case the existing attacks likely do not matter too much.
> My 2 cents
> Christian
> On 8/16/21 10:08 PM, taler--- via Taler wrote:
>> Hello GNU Taler Mailing List!
>> I have just joined and wish to share my PGP public key with everyone.
>> You may download my PGP public key at: https://raiderhacks.com/gpg
>> While reading the GNU Taler Docs, I noticed if there are any questions on
>> adding support for hardware keys, that I should contact the GNU Taler
>> developers.
>> I wish to ask if anyone would be interested in adding support for
>> HMAC SHA1 Challenge Response assisted encryption.
>> This is the same hardware-key assisted encryption that KeePassXC offers:
>> https://keepassxc.org/docs/#faq-yubikey-howto
>> If this is done, every time an edit is made to the person's balance database,
>> the user would be prompted to tap their hardware key device. When this
>> happens, a new seed is written into the user's database file, is sent to the
>> hardware key, and the hardware key applies HMAC-SHA1 with a secret
>> that is stored directly in the hardware key. The HMAC-SHA1 output
>> is appended to the user's password to re-encrypt/decrypt the user's
>> wallet database in the future. This dynamic-password approach to
>> encryption is why I chose KeePassXC as my password manager and
>> would love to have the same protection in a system that is designed
>> to allow me to spend money privately and anonymously.
>> Please let me know what all of you think of this.
>> Thanks,
>> Tanveer Salim
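
The challenge-response flow described in the original message, as an added example that is not part of the thread and is not GNU Taler or KeePassXC code. The hardware key is simulated in software, and the names `SimulatedToken`, `derive_key`, `save` and `open_db`, the PBKDF2 stretching step and the passphrase are assumptions made for illustration; the digest defaults to HMAC-SHA256 as suggested in the reply, and passing `"sha1"` reproduces the HMAC-SHA1 variant.

```python
import hashlib
import hmac
import secrets


class SimulatedToken:
    """Software stand-in for the hardware key; the secret stays inside it."""

    def __init__(self, secret: bytes, digest: str = "sha256"):
        self._secret = secret
        self._digest = digest  # "sha1" gives the HMAC-SHA1 variant

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._secret, challenge, self._digest).digest()


def derive_key(password: str, response: bytes, seed: bytes) -> bytes:
    # Assumption: password || response is stretched with PBKDF2. The thread
    # only says the response is appended to the password.
    material = password.encode() + response
    return hashlib.pbkdf2_hmac("sha256", material, seed, 100_000, dklen=32)


def save(password: str, token: SimulatedToken) -> tuple:
    """On every write: fresh seed, fresh response, fresh database key.
    Returns (seed kept in the clear in the file header, key)."""
    seed = secrets.token_bytes(32)
    return seed, derive_key(password, token.respond(seed), seed)


def open_db(password: str, token: SimulatedToken, stored_seed: bytes) -> bytes:
    """On read: replay the stored seed to the token to recover the key."""
    return derive_key(password, token.respond(stored_seed), stored_seed)


def demo() -> dict:
    pw = "constructed-passphrase"  # constructed sample value
    token = SimulatedToken(secrets.token_bytes(20))
    other = SimulatedToken(secrets.token_bytes(20))  # a different device
    seed1, key1 = save(pw, token)
    _seed2, key2 = save(pw, token)
    return {
        "reopen_ok": hmac.compare_digest(open_db(pw, token, seed1), key1),
        "key_rotates": key1 != key2,
        "wrong_token_fails": open_db(pw, other, seed1) != key1,
    }


if __name__ == "__main__":
    print(demo())
```

Because the seed is stored beside the encrypted file, the response for a given file version is fixed; the key only changes on the next save.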
