Jofen, P. (2020). Hashiko: a generative hybrid password manager for android : design, implementation and security analysis [Diploma Thesis, Technische Universität Wien]. reposiTUm. http://hdl.handle.net/20.500.12708/78420
-
Number of Pages:
96
-
Abstract:
Unlike traditional password managers, generative password managers do not store passwords in encrypted files, but use one-way functions such as hash functions or key derivation functions (KDFs) to derive passwords on the fly. For each master password and account/username combination given as input to these one-way functions, a unique website password is generated. Such generated passwords are certainly not immune to brute-force or dictionary attacks if the algorithm is computationally cheap or the master password is easy to guess. The winner of the Password Hashing Competition (PHC), Argon2, belongs to a relatively new generation of KDFs which require a considerable amount of memory for an efficient computation. Such memory-hard functions (MHFs) may be considered a security best practice for key derivation nowadays. In this thesis, we assess the practicability of Argon2 with different parameters, and compare its runtime behaviour with PBKDF2 and common hash functions (MD5, SHA) on three different Android smartphones: OnePlus 6, OnePlus 3T, Moto G. The results suggest that Argon2 is certainly practicable in terms of derivation time on all tested smartphones (around 0.5 s to 3 s), but only with low memory settings (m < 1 GiB) and/or low iteration counts (t ∈ {1, 2}). The conducted benchmark also shows that the performance gap between older and newer phones is smaller with Argon2 than with PBKDF2. Moreover, we analyze the security of the password generation algorithms of three generative password managers for Android: Salasana, Privacy Friendly Password Generator, Master Password. In this process, eight different types of issues of varying severity were identified, such as no salt being used, low cost factors in key derivation, and so forth. Each of the tested applications is affected by at least one of these problems. Furthermore, we present a new generative password manager, Hashikō, for Android. This prototypical implementation 1. employs Argon2 for password generation, 2. tries to avoid the issues found in the derivation algorithms of other password managers and 3. allows easy transition to new algorithms and migration of passwords through a flexible, modular password derivation concept.
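The derivation scheme the abstract describes (site password = KDF(master password, account), with a salt, a memory-hard cost setting and a tagged algorithm version so that passwords can later be migrated) is illustrated below as an added example; it is not code from the thesis or from Hashikō. It assumes the standard-library `hashlib.scrypt` as a stand-in for Argon2, which is not in the Python standard library; the function and parameter names are hypothetical.

```python
import hashlib

# Constructed example of a generative password derivation:
# KDF(master password, account identifier, per-user salt) -> site password.
# hashlib.scrypt (a memory-hard KDF in the stdlib) stands in for Argon2;
# the derivation concept is the same, only the KDF call would change.

# 64 symbols: 256 % 64 == 0, so mapping each derived byte with "% 64" is
# unbiased. A 62- or 70-symbol charset would skew the distribution.
CHARSET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"

# Algorithm descriptors keyed by a version tag. The tag is mixed into the
# derivation input, so a newer entry can be added (e.g. a different KDF or
# higher cost) and old passwords re-derived with their original tag.
ALGORITHMS = {
    "scrypt-v1": {"n": 2 ** 14, "r": 8, "p": 1},  # ~16 MiB of memory per call
}


def derive_site_password(master, username, site, salt, length=20, alg="scrypt-v1"):
    """Deterministic site password: the same inputs always give the same output.

    master   -- the user's master password (str)
    username -- account name at the site (str)
    site     -- site identifier, e.g. a domain (str)
    salt     -- per-user random salt (bytes); without it, equal master
                passwords would yield equal site passwords across users
    """
    params = ALGORITHMS[alg]
    # Domain-separate the fields so "ab"+"c" and "a"+"bc" cannot collide.
    account = "\x00".join([alg, site, username]).encode()
    key = hashlib.scrypt(master.encode(), salt=salt + account,
                         n=params["n"], r=params["r"], p=params["p"],
                         dklen=length)
    return "".join(CHARSET[b % len(CHARSET)] for b in key)
```

Changing any of master password, username, site or salt yields an unrelated password, and raising the cost parameters only requires a new entry in `ALGORITHMS`.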