Looking ahead in security
by Jeffrey Goldberg on
Security is a process, not a product — Bruce Schneier
If you build a tough lock on a door, it is easy to imagine that you have now secured that door and don’t need to think about it anymore. But in the security business life is rarely that simple. Both the “threat landscape” and our understanding of the locks we’ve built earlier changes. The renowned security expert, Bruce Schneier is famous for (among other things) saying more than a decade ago that security is a process, not a product.
1Password works so well because it isn’t just a security product, but it changes the way we deal with with website logins. That is, we do things more securely and more easily when 1Password is around. This is one illustration of what is meant by “process” instead of “product”.
Just as security should be a process for you, it must also be a process for us. We can’t just rest on our laurels, but must respond to and anticipate all threats as well as taking advantage of every opportunity. For an example of an opportunity, iOS 4 allowed us to put additional security measures into how syncing credentials are stored by 1Password for iPhone and iPad, anticipating potential threats by password crackers going against iTunes backups.
In other cases, we have locked down things as old threats became more serious. When weaknesses in the Domain Name System (DNS) became more apparent, we improved the security of our updater (which uses digital signatures to verify that a downloaded update is indeed from us) and even in our preview/icon fetcher to make sure that it visit the same sites you did. With those last two improvements (along with several others not discussed here), I would particularly like to thank Aaron Sigel (AKA @diretraversal) for reporting these.
There are countless little changes that we implemented that have improved security of 1Password such as: the error checking in the automated backups in 1Password for Mac, the handling of input in the Chrome extension, and the management of privileges in the 1Password for Windows installer. We never think that our job is done. Instead we are always looking for how we can make things easier and more secure for you.
We don’t normally announce features until they are delivered, but questions about cloud security require that we talk about upcoming changes to our data format.
The first versions of 1Password stored data in the OS X keychain. This was great because we could just use tools completely built in to OS X. However, there were several disadvantages to this including syncing issues with MobileMe.
There were great advantages to moving to our current data format, the Agile Keychain format. It is far more scalable than what preceded it, and syncing is far easier and more reliable. It also encrypts everything except what is needed for indexing and sorting items and finding potential matches for websites. It was in this move from to the Agile Format that moved from using 3DES to the more modern AES-128 for our encryption. More importantly this is when we protected your master password with PBKDF2, which makes it much harder for automated password guessing systems to discover your master password. A full explanation of this is in our document on cloud storage security. It has also been much discussed in our forums.
When we introduced Dropbox syncing for iOS and 1Password for Windows, it was so awesome that everyone wanted to use it. It was then that we renewed discussing what we can do to give your data more privacy protection.
As I said, we like to be agile and never (well…, hardly ever) announce features before they are delivered. There are two aspects of our next data format that we are willing to announce. It will have even more of your data fully encrypted, with the remainder well obfuscated.
Another security enhancement that I’m ready to reveal is that the new data format will have an increased the number of PBKDF2 iterations used when processing your master password. This will make it even harder for anyone to try to run software that would automatically guess master passwords.
1Password has always been designed with the security feature of only decrypting the smallest amount of information needed at any one time. That has meant that decryption happens frequently instead of just decrypting all of the data when you enter your master password. With improvements in computer processing power over the past few years, we will now be able to switch from AES-128 to AES-256 without having to compromise on performance.
I certainly won’t promise a date for this, but we’ve been working very hard on this. I can tell you that we plan to have this available in 1Password 3. Of course, there will be lots of other things coming with the new data format, but we will keep those under our hats at the moment.
These enhancements, along with others, will make your 1Password data even better suited to life in the cloud. We are looking forward to introducing them to you in full as we continue with the process of making security easy and convenient for you.