On 06.04.2012 16:55, Greg Stein wrote:
> On Apr 6, 2012 2:06 AM, "Branko Čibej" <br...@apache.org> wrote:
>> On 06.04.2012 00:38, C. Michael Pilato wrote:
>>> I've been also frustrated when considering the situation that occurs when a
>>> user changes his/her master password, forcing a re-encryption of all cached
>>> credentials using the new password.
>> You could do what whole-disk encryption systems do: only the encryption
>> key is encrypted by the master passphrase, actual data are encrypted by
>> that key. This allows different users with different passphrases to
>> decrypt the same data, since they only decrypt a wrapped copy of the
>> same encryption key.
>>
>> In other words, changing the master passphrase only requires decrypting
>> and re-encrypting one 256-bit encryption key, not the whole credentials
>> store.
> PBKDF2 is in the current design to make dict attacks computationally
> "impossible". Assuming we keep that, then the above value would be fed in
> as the secret to PBKDF2, rather than MP or sha1(MP) ?

That's the idea, yes.

-- Brane
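
The key-wrapping layout described in this message, as an added example that is not part of the original thread and is not Subversion code. All function names and the store layout are hypothetical, the HMAC-based encrypt-then-MAC routine is a standard-library stand-in for a real AEAD or AES key wrap, and using PBKDF2 to stretch the master passphrase into the key-wrapping key is an assumption about how the two pieces fit together.

```python
import hashlib, hmac, os

ITERATIONS = 100_000  # assumed PBKDF2 work factor; the thread names no value

def _subkeys(key):
    # Separate encryption and MAC keys derived from one 256-bit key.
    return [hmac.new(key, label, hashlib.sha256).digest() for label in (b"enc", b"mac")]

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as keystream (stdlib stand-in for AES).
    blocks = range((len(data) + 31) // 32)
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    # Encrypt-then-MAC; output is nonce || ciphertext || tag.
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or corrupted data")
    return _xor_stream(enc_key, nonce, ct)

def kek_from_passphrase(passphrase, salt):
    # Assumption: PBKDF2 stretches the master passphrase into the key-wrapping key.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS)

def create_store(passphrase, credentials):
    data_key, salt = os.urandom(32), os.urandom(16)  # random 256-bit data key
    return {"salt": salt,
            "wrapped_key": seal(kek_from_passphrase(passphrase, salt), data_key),
            "entries": {name: seal(data_key, secret) for name, secret in credentials.items()}}

def unwrap_data_key(store, passphrase):
    return unseal(kek_from_passphrase(passphrase, store["salt"]), store["wrapped_key"])

def read_entry(store, passphrase, name):
    return unseal(unwrap_data_key(store, passphrase), store["entries"][name])

def change_passphrase(store, old, new):
    # Only the wrapped key and salt change; credential ciphertexts are untouched.
    data_key = unwrap_data_key(store, old)
    store["salt"] = os.urandom(16)
    store["wrapped_key"] = seal(kek_from_passphrase(new, store["salt"]), data_key)
```

After `change_passphrase`, every entry in `store["entries"]` is byte-for-byte identical to before, and the old passphrase fails the integrity check on the wrapped key instead of yielding a wrong data key.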