Key Generation
This document describes the key generation process used in Excalibur, which is based on 1Password's key generation process as described in their security whitepaper.
The key generation process can be concisely summarized in the following flowchart.
Let's examine each step in detail.
-
Password Normalization
- Trim leading/trailing whitespace from the password
- Apply Unicode NFKD normalization to handle different character encodings
- Convert the normalized password to a UTF-8 byte array
-
Slow Hash (PBKDF2)
- Algorithm: PBKDF2 with HMAC-SHA256
- Iterations: 650,000
- Input: Normalized password + Salt
- Output: 32-byte derived key
-
Fast Hash (HKDF)
- Algorithm: HKDF with SHA-256
- Input: Username (as additional info) + Salt
- Output: 32-byte derived key
-
Key Combination
- The final master key is generated by XORing the outputs of the PBKDF2 and HKDF operations
Note that this key generation step is repeated twice. Why? Well, we need two keys for different purposes:
- A key for unlocking the vault1, called the Account Unlock Key (AUK)
- A key for SRP authentication, called the SRP Key
The reason for this is that we don't want a leak of the communication key (i.e., the SRP key) to compromise the vault, and vice versa. To accomplish this, two different salts (an auk_salt and a srp_salt) are used to generate the two keys.