Encryption of encryption keys

Mikhail Pustovalov, 29.01.2015.

At TeddyID, we use encryption to securely store the passwords of users of our Password manager. Encryption yields a pair, a key and a ciphertext: the key is stored on the user's side, and the ciphertext on the TeddyID servers.

To store passwords safely, each user has a key, which is used to encrypt and decrypt that user's passwords. This key is stored in every browser the user uses. As a result, if one of the computers is lost, an attacker could gain access to the user's key. The key alone is of no use to the attacker: having obtained it, he still needs to get the user's encrypted passwords in order to compromise them. However, the key itself cannot be changed after the theft, because the passwords are already encrypted with it. So one of the two protection factors is lost.

To avoid this risk, we now encrypt the encryption key too. The key that encrypts the encryption key is generated separately for each of the user's browsers, so each browser stores a different ciphertext of the user's key. The decryption key is retrieved along with the encrypted passwords each time the user logs in from an approved browser. This lets you protect yourself against the key being compromised when the computer holding it is lost: just go to the browser control panel at TeddyID.com and delete the lost browser. Once the lost browser is disabled, the attacker cannot decrypt your key, and your passwords stay safe.
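
The scheme described above as a runnable sketch (an added example, not TeddyID's code). It assumes AES-256-GCM, that the per-browser key is held on the server, and hypothetical names (`Server`, `Browser`, `seal`, `open`); browser authentication at login is reduced to an id lookup.

```javascript
// Added illustration, not TeddyID code: AES-256-GCM and every name here are assumptions.
const crypto = require('node:crypto');

function seal(key, plaintext) {            // returns iv | tag | ciphertext
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, blob) {                 // throws if the key or blob is wrong
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Server: encrypted passwords plus one key-encryption key (KEK) per approved browser.
class Server {
  constructor() { this.vault = null; this.keks = new Map(); }
  approveBrowser(id) { const kek = crypto.randomBytes(32); this.keks.set(id, kek); return kek; }
  revokeBrowser(id) { this.keks.delete(id); }
  login(id) {
    if (!this.keks.has(id)) throw new Error('browser not approved');
    return { kek: this.keks.get(id), vault: this.vault };
  }
}

// Browser: stores only the user key wrapped under its own KEK, never the bare key.
class Browser {
  constructor(id, server, userKey) {
    Object.assign(this, { id, server, wrappedKey: seal(server.approveBrowser(id), userKey) });
  }
  readPasswords() {
    const { kek, vault } = this.server.login(this.id);
    return open(open(kek, this.wrappedKey), vault).toString('utf8');
  }
}

function demo() {
  const server = new Server(), userKey = crypto.randomBytes(32);
  server.vault = seal(userKey, Buffer.from('example.com: hunter2')); // constructed sample
  const laptop = new Browser('laptop', server, userKey);
  const desktop = new Browser('desktop', server, userKey);
  const before = laptop.readPasswords();
  server.revokeBrowser('laptop');          // lost laptop deleted in the control panel
  let afterRevoke = 'readable';
  try { laptop.readPasswords(); } catch (e) { afterRevoke = e.message; }
  return { before, afterRevoke, desktop: desktop.readPasswords(),
           sameWrappedKey: laptop.wrappedKey.equals(desktop.wrappedKey) };
}
console.log(demo());
```

After revocation the wrapped key still sits on the lost machine, but without its KEK it cannot be opened, and the user key never has to change for the other browsers.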