dkelly/pynkode
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
75168955fa9406e42bf74290b7ddeffdeb7fa330
pynkode/docs/tabletop-discussion.md
Donovan 021e468494 move tabletop-discussion.md
2025-03-30 04:44:35 -05:00

3.5 KiB
Raw Blame History

Table-top discussion

Documentation and Tutorials

  1. Enrollment
  2. Login
  3. Cipher and Renew
  4. nKode API Tutorial 1
  5. nKode API Tutorial 2
  6. Dispersion Tutorial
  7. Split Shuffle

Discussion Topics

nKode Length

Memorized Secret Memorized secrets SHALL be at least 8 characters in length if chosen by the subscriber. Memorized secrets chosen randomly by the CSP or verifier SHALL be at least 6 characters in length and MAY be entirely numeric.

  • The minimum entropy for a randomly chosen memorized secret is approximately 20 bits.
  • A keypad with 6 keys, each having 9 properties, exceeds this requirement with a minimum 4-character nKode, providing approximately 23 bits of entropy.

nKode Observation

Dispersion Attack

nKode Over low-bandwidth

nKode Over Unencrypted Channel

  • TOTP
  • DARC

Discussion Outcomes:

Attacks and controls

Attacks Controls
Screen Recording Attack Split shuffle/more icons per key than keys
Exfiltrated DB Physically separated keys and icons, partial or full encryption, nKode renewal
*APT *Don't wait for garbage collector, manage timeouts
Phishing Dispersion Resistant Keypad, nKode policy, passkey protected keypad icons
*MiTM TLS, *TOTP shuffle, *DARC

*not implemented yet/needs another look

asks for Dr. Kandah

  • Evil nKode screen watching/key replay
    • Given a particular policy and keypad size:
      • what is the probability of a key replay?
      • what trade-offs are made between key replay and cracking an nkode?
    • Is the split shuffle unbiased?
    • Can we rig the shuffle in our favor with keypad caching or other techniques?
  • Dispersion Attack/Phishing attack
    • is the dispersion algorithm unbiased?
    • Develop a modified dispersion algorithm to phish a dispersion resistant keypad
  • validate the cipher
    • validate the server-side values
    • validate the relationship between the mask and the hash
    • validate the renewal
    • are these processes/algorithms secure?
  • What is the minimum amount of encryption needed to secure user's nkodes against a full/partial database exfiltration
    • How long will it take to brute force a hash with a full plain text breach of the database and what's gained?
  • How often do nkode icons need to be changed to maintain security if at all?
    • if it does need to be changed can we start with 4 icons and add icons over time then roll the icons (drop the first icons and append a new one) after reaching a max size?
  • Low-bandwidth: how low can we go?
    • TCP vs UDP
    • Security of RX/TX without tls/encrypted channel
  • Hypothetical: What security gains are made if we split the cipher keys into multiple parts and put them on different machines in many locations?

Other stuff:

  • unbiased icons/psychology