1

So you create a .kdbx file, protected by a password.

AFAIK, in asymmetric key schemes and in WPA-AES, brute-forcing consists of:

  • Trying a random password on the private key / on the router
  • If it doesn't log you in, try another.

So, you immediately know if you hit the correct password.

What about a password manager's database? If nothing is known about the content of the file, how would it be possible to crack it?

Xander
Vorac
Consider this - when I, as a user, accidentally input an incorrect password into the program, how does KeePass know I did so? As opposed to just giving me garbage groups/passwords. – Clockwork-Muse Jun 30 '20 at 20:58

2 Answers

7

What about a password manager's database? You know nothing about the content of the file. How do you know you did manage to crack it?

This assumption is wrong. You don't know the entries, but in this case you know the software that created it. That software has a data format. It's even documented in the software project.

The format even contains data validation entries:

In KDBX 4, a data block is authenticated via a HMAC-SHA-256 of the ciphertext (an Encrypt-then-MAC scheme).

Thus you can easily validate the correct key.

vidarlo
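
As an added illustration of the answer above (not part of the original post, and not KeePass code): a toy container built on the same Encrypt-then-MAC idea, showing that a wrong password is rejected by the MAC check alone, with no knowledge of the plaintext. PBKDF2 and the SHA-256 keystream are stand-ins chosen for brevity; the function names, the container layout and the sample passwords are constructed assumptions, not the KDBX format.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor; a higher value makes every guess slower


def derive_keys(password: str, salt: bytes, iterations: int):
    """Stretch the password, then split the output into a cipher key and a MAC key."""
    okm = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=64)
    return okm[:32], okm[32:]


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode stream cipher (illustration only, not a vetted cipher)."""
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[block:block + 32], pad))
    return bytes(out)


def seal(password: str, plaintext: bytes, iterations: int = ITERATIONS) -> dict:
    """Encrypt first, then MAC the header and ciphertext (Encrypt-then-MAC)."""
    salt = os.urandom(16)
    enc_key, mac_key = derive_keys(password, salt, iterations)
    ciphertext = keystream_xor(enc_key, plaintext)
    header = salt + iterations.to_bytes(4, "big")
    tag = hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()
    return {"salt": salt, "iterations": iterations, "ciphertext": ciphertext, "tag": tag}


def open_container(password: str, box: dict) -> bytes:
    """Verify the tag before decrypting; a wrong key fails here, not at parse time."""
    enc_key, mac_key = derive_keys(password, box["salt"], box["iterations"])
    header = box["salt"] + box["iterations"].to_bytes(4, "big")
    expected = hmac.new(mac_key, header + box["ciphertext"], hashlib.sha256).digest()
    # The tag covers only header and ciphertext, so this check needs no plaintext knowledge.
    if not hmac.compare_digest(expected, box["tag"]):
        raise ValueError("wrong password or corrupted file")
    return keystream_xor(enc_key, box["ciphertext"])


if __name__ == "__main__":
    box = seal("correct horse battery staple", b"constructed sample entry")
    print(open_container("correct horse battery staple", box))
    try:
        open_container("Tr0ub4dor&3", box)
    except ValueError as err:
        print("rejected:", err)
```

Because the check is public and deterministic, the only things that limit guessing are the cost of the key derivation step and the strength of the password.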
4

Adding to what @vidarlo correctly describes, the answer to your question is:
Yes, the KeePass file can theoretically be cracked.

Can it practically be cracked? That depends on the strength of your password. Let's assume that you have a huge list of potential passwords, let's call it rockyou.txt. With John the Ripper or hashcat installed, an attacker or any other motivated person (e.g. you, in case you've forgotten your password) can try to crack it:

$ ./keepass2john my.kdbx > my.hash

Hashcat:

$ hashcat --help | grep -i "KeePass"
13400 | KeePass 1 (AES/Twofish) and KeePass 2 (AES)      | Password Managers

$ hashcat -m 13400 -a 0 -w 1 my.hash rockyou.txt

John the Ripper:

$ john --format=KeePass --wordlist=rockyou.txt my.hash

To conclude: The KeePass software does not obscure its encryption methods, and that's the correct approach. Instead, security relies on the strength of the secret. It is your responsibility to choose a password that is adequate for your security and usability needs (XKCD #936: Short complex password, or long dictionary passphrase?).

lab9