What about integrating with an external credentials store such as:
http://xordataexchange.github.io/crypt/?
Granted, it means FB is dependent on an external library application.

On Sat, Aug 22, 2015 at 11:36 AM, Jim Starkey <j...@jimstarkey.net> wrote:

> Problem:  How to start server on encrypted database files with a human to
> supply a password.
>
> Idea:  Assume SRP is being used for authentication and that all (or most
> or some) are using long, randomly generated passwords from a client-side
> vault (or equivalent).  This means that it is safe to store
> account/salt/verifier triplets in an unencrypted file external to the
> database (if you want to get fussy, hash the accounts).  The server starts
> up unabled to access the database file. In this state, the first SRP
> connection request is processed through the external verifier file.  After
> a secure connection is established with the client, the server requests
> that the client send a hash of the client's password that is used to open a
> server-side client specific vault containing the generated password for the
> master vault that contains the database file encryption key.
>
> The verifier file would be recreated by the server whenever a verifier
> changed.  The account specific server-side vaults would be recreated
> whenever an account password was changed.  Changing the master password
> would be a real pain in the butt.
>
> The only way for an attacker to crack the system is with a stolen client
> password (not present anywhere on the server) or by breaking a server-side
> client or master vault, all of which can be substantially hardened with
> high pbkdf2 iteration counts.
>
> An attacker could also break the system by subverting a client, stealth
> the client password by hook or by crook, taking over the server, forcing a
> database server restart, and jumping in from the compromised client.  But
> at that point, you are so hopelessly compromised that nothing is going to
> work.
>
> Jim Starkey
>
>
>
> ------------------------------------------------------------------------------
> Firebird-Devel mailing list, web interface at
> https://lists.sourceforge.net/lists/listinfo/firebird-devel
>



-- 
Raymond Cote, President
voice: +1.603.924.6079 email: rgac...@appropriatesolutions.com skype:
ray.cote
------------------------------------------------------------------------------
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

Reply via email to