undefined | Better HN

0 pointsCyberRage5y ago0 comments

Nono. the master-key never leaves the device.

Via the master-key, the program derives(locally) the key to encrypted the data and a different secondary key for authentication against the server. without knowing the master-key you can't decrypt the vault even if you were able to trick the server into sending you the vault.

The vault is decrypted locally

0 comments

fuoqi5y ago

Deriving two separate keys does indeed improve the situation, but still not ideal, see: https://news.ycombinator.com/item?id=26230259

j / k navigate · click thread line to collapse

0 pointsCyberRage5y ago0 comments

Nono. the master-key never leaves the device.

The vault is decrypted locally

0 comments

fuoqi5y ago

Deriving two separate keys does indeed improve the situation, but still not ideal, see: https://news.ycombinator.com/item?id=26230259

j / k navigate · click thread line to collapse