2

I used to have my database set to 20.000.000 key transformation rounds and it would be fast enough on my PC but I found it takes too much time on my phones so I went to lower it and couldn't notice this:

Settings

I use a key file as master password so as far I know, I'm safe from dictionary attacks on my master password correctly?

If so would be safe to set that for something like 10.000 just for sake of convenience?

techraf
  • 9,159
  • 11
  • 45
  • 63
Freedo
  • 2,273
  • 5
  • 20
  • 29

1 Answers1

4

The point of using the key file in KeePass is that you can keep the file out of reach (on external media) and connect it only when you need to unlock the database.

As you consider phones, you likely have no way of moving the key file outside of the regular filesystem. That in turn means it does not bring any security benefit. Refer to this guide, especially the "Location" section.

If you use composite method: password and key file, having the file on your phone nullifies the value added, so your assumption "I use a key file [ ] I'm safe from dictionary attacks on my master password" is false.

In effect decreasing the number of rounds for the password has the same effect regardless if you use the key file or not.

If you use only the key file, decreasing the number of rounds does not affect you security, as it is already zero.

Technically, according to the documentation, the key file is not subject to the multiple key transformation rounds, instead its SHA-256 is calculated only once:

When using both password and key file, the final key is derived as follows: SHA-256(SHA-256(password), key file contents)

(...)

To generate the final 256-bit key that is used for the block cipher, KeePass first hashes the user's password using SHA-256, encrypts the result N times using the Advanced Encryption Standard (AES) algorithm (called key transformation rounds from on now), and then hashes it again using SHA-256.

Community
  • 1
techraf
  • 9,159
  • 11
  • 45
  • 63
  • Sorry but I didn't understand your answer. I transfer the key file manually to my phones. I don't use a written password and don't want to use one. I just want to know if decreasing the number of rounds will decrease security if one just uses key files as passwords. – Freedo Jul 27 '16 at 05:50
  • @Freedo Ok, let's explain bit by bit. First, do you understand the following phrase from the referenced page? "selecting a file out of thousands existing on your hard disk basically doesn't increase security at all, because it's very easy for malware/attackers to find out the correct file" – techraf Jul 27 '16 at 05:55
  • Oh ok thanks. I just don't the hassle of having to remember a master password for myself. But anyway I believe if my PC/Mobile is compromised then my keepass database would never be secure anyway. – Freedo Jul 27 '16 at 06:27
  • You can just store the passwords in a text file then. It's equally secure. – Josef Jul 27 '16 at 06:45
  • 3
    One other important use of a keyfile is when you use an untrusted storage to store the database (for instance, a cloud service that you use to synchronize the DB between systems). In such a case, you use the keyfile to mitigate the risk associated with the cloud service (as opposed to the risk linked to the device itself). – Stephane Jul 27 '16 at 06:51
  • @Josef The biggest strength of KeePass is not protecting your keys if your PC/mobile is compromised, but not having to reuse passwords. I'm happy with just that. – Freedo Jul 27 '16 at 15:49
  • 1
    When you store your passwords in a text file, you also don't have to reuse them. If that level of security is adequate for you, that is ok. – Josef Jul 29 '16 at 08:04