2

I've got a typical login setup: username/password is passed to the server, hashed/salted with PBKDF2, then compared to the hashed/salted entry in the login database. After that, a JWT token is generated and returned to the client.

However, after login an AES-256 encrypted SQLite database file needs to be accessed for that user. I obviously don't want to use the stored login hash as the key, especially if they are in the same location because it might as well be plaintext. What if I stored a separate hash/salt operation on the password, then mixed it with a private key stored in a vault, and then used that as the key to open the SQLite file?

Am I making this too complicated? Or should I be pursuing a simpler solution and just putting everything in a vault?

tmn

1 Answer

2

It's usually a bad idea to encrypt user data with a key based on their password. What if they forget their password?

If you really want to, the "KDF" in "PBKDF2" stands for Key Derivation Function. So you could use that again to derive a key for the database. Remember to implement a mechanism to change the password as well. Depending on your setup, this might mean encrypting your database with a fixed random key per user, then encrypting that key with the one derived from the password. No PKI required.

Jenessa
  • Well, to clarify, if I stored the hashed password (to access the encrypted SQLite database) in a table, I could recover the user's data and then re-encrypt with a new password. I would also employ a private secured key to mix with those hashed passwords, and make that the final key for a given user. – tmn Dec 11 '19 at 23:39
  • But that proposed solution seems to make more sense. – tmn Dec 11 '19 at 23:53
  • When you talk about "the password", you are referring to a master password, correct? I think what I'm going to do is when I launch the server application, I will provide the master password on a prompt and then the application can use it at runtime (without storing it at rest anywhere). – tmn Dec 13 '19 at 14:46
  • Every time I refer to password it refers to the user's (possibly plaintext) password. If you want to use a master decryption key, the most common way to provide it would be via an environment variable. – Jenessa Dec 13 '19 at 23:48
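
The scheme the answer describes (a fixed random key per user, encrypted under a PBKDF2-derived key and re-encrypted on password change), as an added example that is not part of the original answer or comments. It uses only the Python standard library, so the wrap step is an XOR pad plus HMAC tag standing in for AES key wrap or AES-GCM, which a real deployment should use; the function names, record layout and iteration count are assumptions.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor; tune for your hardware


def _kek_parts(password: str, salt: bytes) -> tuple[bytes, bytes]:
    """Derive a one-time pad and a MAC key from the password via PBKDF2."""
    master = hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                 ITERATIONS, dklen=32)
    # Separate sub-keys for encryption and authentication.
    pad = hmac.new(master, b"dek-wrap-pad", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"dek-wrap-mac", hashlib.sha256).digest()
    return pad, mac_key


def wrap_dek(password: str, dek: bytes) -> dict:
    """Encrypt the 32-byte database key under a password-derived key."""
    if len(dek) != 32:
        raise ValueError("DEK must be 32 bytes (AES-256)")
    # Fresh salt per wrap (not the login-hash salt), so the pad is never reused.
    salt = secrets.token_bytes(16)
    pad, mac_key = _kek_parts(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(dek, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap_dek(password: str, record: dict) -> bytes:
    """Recover the database key; fails on a wrong password or altered record."""
    pad, mac_key = _kek_parts(password, record["salt"])
    expected = hmac.new(mac_key, record["salt"] + record["wrapped"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, record["tag"]):
        raise ValueError("wrong password or tampered record")
    return bytes(a ^ b for a, b in zip(record["wrapped"], pad))


def change_password(old: str, new: str, record: dict) -> dict:
    """Re-wrap the same DEK; the SQLite file itself is not re-encrypted."""
    return wrap_dek(new, unwrap_dek(old, record))
```

Only the small wrapped-key record is stored next to the user row; the random DEK that actually opens the SQLite file never changes when the password does.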