Ask HN: Encrypted File as a Login Method
Generate a file containing a random string of text, then encrypt it
Calculate the sha256 checksum of the encrypted file and store it in a database. Then provide the file and the decryption key to the user for download.
When the user wants to login, they upload that file to my server in a buffer, where the sha256 is calculated and checked against the database. If it matches, user gains access to their account data, associated with the checksum. If it doesnt, the file is rejected. Either way, the encrypted file is deleted after checking.
I think this would be really secure because if my server is compromised, the only thing an attacker would have is sha256 checksums as user identifiers. I know there's probably hashing/file-handling attack vectors, as well as file-collision scenarios(although rare, still possible)
Are there any additional considerations I should take into account with this project? Also, security QA's as recovery in case they lose their file.
13 comments
[ 2.8 ms ] story [ 43.5 ms ] thread2. You should always "salt" stored password hashes. https://en.wikipedia.org/wiki/Salt_(cryptography)
3. I think you should look at resources like https://www.vice.com/en/article/wnx8nq/why-you-dont-roll-you... https://security.stackexchange.com/questions/18197/why-shoul... https://www.infosecinstitute.com/resources/cryptography/the-... to examine the arguments against trying to develop your own security schemes as someone with less experience in this space.
see how mullvad does it
The reason I am intentionally not considering user device security, is because with this method, I intend to give users ownership of their data. They own their computer, they own their security. I just want to provide a secure means of blogging where they dont have to worry about my server being compromised, because if it is, the attacker will only see sha256 checksums associated with user posts/comments. The posts/comments themselves will be publicly available just by visiting the website.
If it's random, why do you need to encript it?
> When the user wants to login, they upload that file to my server in a buffer, where the sha256 is calculated and checked against the database. [...] Either way, the encrypted file is deleted after checking.
This is exactly like the standard method to login users. You don't store the password in the server, you only stored a hash of the password. Why are you proposing to use sha256 instead of bcrypt or scrypt?
My recomendation is to horseshoe this to a standard user+password implementation, becuase people that know more about security than you and me have thought about it.
Perhaps your server can just ignore the username, so everyone is forced to be anonymous.
The file you are proposing is a password. It's just a strong password generated by the server intead of a hand made silly password.
Usualy there is an implicit user->salt table in the server (that is the first part of the stored hash). So you will have unsalted passwords, that is probably not a problem if they are really strong and are not reused.
If you use a standard ignored_username+strong_password then the browser or a password administrator can keep them and makes the user life easier. (I'm not sure about the supporr of server generated passwords in browsers and administrators.)
Note: bcrypt or scrypt are hashes designed for passwords. They are relatively slow to prevent brute force atacks. The slownes can be regulated and they include salt. https://en.wikipedia.org/wiki/Bcrypt https://en.wikipedia.org/wiki/Scrypt
I agree. Good luck with your project. Remember to post it here when it's working or when you have an interesting blog post about an update in the advance of the implementation.
Anyway, as my father used to say, write everithing as if it will be published tomorrow in the front page of a major newspaper of your country.
One of my big concerns is moderation and legal, as I know cybercriminals/scammers will see my platform as a viable tool for their operations. I'm thinking blocking known malicious IP's, maybe some kind of regex system. Ill still new to this so if you have an suggestions, I am desperate to hear them.