issue #302; passwords generated differ from different MPW versions

Dr Goulden's Avatar

Dr Goulden

20 Sep, 2019 07:24 AM

It would be useful to see milestones, weight and timelines attached to this git issue, which is correctly tagged as category-critical

The underlying fault completely undermines this promise from the MPW site "Even if a personal or natural catastrophe causes you loss, you can never lose your account passwords — all you ever need is your one and only secret master password and anyone's Master Password calculator app." For this to remain valid, anyone's MPWapp must be the same as anyone else's MPWapp. With different versions of MPW generating different passwords this is clearly not the case.

This issue needs a fix ASAP. The location of this fix in the commit tree will identify the versions affected by the issue. These must be documented to the help pages. That's the easy bit.

Resolving the discrepancy among all the installed versions is considerably more challenging. Ideally every user of MPW would be alerted to the issue, but I suspect that is not possible. A suitable workaround would be to highlight the divergence point and to recommend that users of earlier versions upgrade. The earlier versions could perhaps be 'earlier development versions'. Early adopters would not ordinarily be expected to see that message. However, many early adopters (myself included) recommend MPW, and a suitably prominent notification would be a step in the right direction.

The testsuite going forward needs to include verification of password continuity.

The original issue was acknowledged on the helpdesk immediately (July 16th). Git issue #302 was subsequently logged. On August 24th user Bruno highlighted the significance of this issue. Bruno has a point but over-reacts. MPW is the best currently available solution to an otherwise trying issue. I will continue to use it. And I will continue to recommend it to others once this issue is fixed and communicated. The capabities of the author Maarten Billemont are beyond doubt considerable. These need simply to be applied to resolving this issue as a priority. I look forward to seeing issue resolution in a timely manner.

Best Regards

  1. Support Staff 1 Posted by Maarten Billemo... on 21 Sep, 2019 03:32 AM

    Maarten Billemont's Avatar

    It's important to note that though this distinction is troubling, it only exists on algorithm versions < 3. If all apps are updated to use the current version of the algorithm, they should all agree on the generated password. In this case, the output password for V3 is: Darv8^CukeZaxf, on all devices.

    I will conduct a full analysis of the problem in #302, but for now, my advice is, always ensure you are on the latest algorithm version.

    V0 has a bug in it that causes the algorithm's result to be platform/architecture dependent (more specifically, it performed math on bytes whose numerical value's signedness depends on the platform, thereby resulting on some platforms treating the byte as a positive integer and other platforms treating it as a full integer, yielding different numerical values).

    Thank you for your commitment to this issue and the app, Mat.

  2. Support Staff 2 Posted by Maarten Billemo... on 27 Sep, 2019 02:25 PM

    Maarten Billemont's Avatar

    To address the additional concerns raised here:

    The underlying fault completely undermines this promise from the MPW site

    It is certainly true that for MPW to maintain its relevance, it is absolutely critical that it is universally trustworthy and will generate the correct output on any platform at any time.
    Since the underlying fault is limited to the obsolete V0 algorithm, however, and the current V3 algorithm does not exhibit the issue anymore (it was fixed for V1), I would posit that MPW's promise remains intact, though it becomes necessary for people to migrate their V0 passwords over to V3.

    This issue needs a fix ASAP. The location of this fix in the commit tree will identify the versions affected by the issue.

    This issue was fixed in V1, which was committed to the tree here:

    commit 57769ba1997dd4bb2f24a220dbc2b057eb3ac71b
    Author: Maarten Billemont <[email blocked]>
    Date:   Thu Jan 15 17:43:41 2015
    
    Every app released since then has had support for the fixed algorithms and backwards-compatible support for the old algorithm to enable migration.

    Ideally every user of MPW would be alerted to the issue, but I suspect that is not possible.

    Correct. I do not hold any records on users.

    A suitable workaround would be to highlight the divergence point and to recommend that users of earlier versions upgrade.

    This is what the iOS app does (should do), though admittedly the other apps could do a better job of making the need to upgrade from V0 clear.

    The testsuite going forward needs to include verification of password continuity.

    The test suite tests all algorithms, including V0, for all known edge cases, including this one. The test suite is not currently run against a variety of architectures. I can look into this.

    Any additional feedback / thoughts & recommendations are more than welcome. Thank you for your support and endorsement - they are invaluable to the cause.

  3. Maarten Billemont closed this discussion on 27 Sep, 2019 02:25 PM.

  4. Matthew Goulden re-opened this discussion on 27 Sep, 2019 02:39 PM

  5. 3 Posted by Matthew Goulden on 27 Sep, 2019 02:39 PM

    Matthew Goulden's Avatar

    Maarten,

    Thank you for this clarification. If the V0 algorithm is fundamentally flawed perhaps it ought to be clearly flagged as obsolete/deprecated and for removal from versions going forward? You mention V3 as free of this glitch. What is the status of V2?

    Best regards

    -- Matthew

    ________________________________

  6. Support Staff 4 Posted by Maarten Billemo... on 27 Sep, 2019 02:45 PM

    Maarten Billemont's Avatar

    Well, it's important to recognize that a new algorithm only exists because there is some issue with a previous version that was addressed. V0, V1, and V2 are certainly obsolete, every app defaults new users to V3. The other algorithm versions continue to be supported to allow users the freedom to look up old passwords should it become necessary. The apps will perpetually include support for the old versions for this reason - ie. V0 will never be removed.

    The flaws in the previous algorithms are described here:
    https://gitlab.com/MasterPassword/MasterPassword/blob/rewrite/platf...

    V1 and V2 had issues with multi-byte unicode characters in names (eg. the person's full name or the site's name).

Reply to this discussion

Internal reply

Formatting help / Preview (switch to plain text) No formatting (switch to Markdown)

Attaching KB article:

»

Attached Files

You can attach files up to 10MB

If you don't have an account yet, we need to confirm you're human and not a machine trying to post spam.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac

Recent Discussions

09 Oct, 2023 03:28 PM
09 Oct, 2023 02:56 PM
22 Jun, 2022 11:22 AM
02 Feb, 2022 02:22 PM
25 Jan, 2022 11:25 PM

 

31 Dec, 2021 11:42 AM
22 Dec, 2021 06:41 PM
04 Nov, 2021 01:24 AM
30 Oct, 2021 08:29 PM
21 Oct, 2021 08:44 AM
14 Sep, 2021 08:02 AM