16.12. Cryptographic considerations of privacyIDEA¶
16.12.1. Encryption keys¶
The encryption key is a set of 3 256bit AES keys. Usually this key is located in a 96 byte long file “enckey” specified by PI_ENCFILE in The Config File. The encryption key can be encrypted with a password.
The three encryption keys are used to encrypt
data like the OTP seeds and secret keys stored in the Token table,
password of resolvers to connect to LDAP/AD or SQL (stored in the ResolverConfig table)
and optional additional values.
OTP seeds and passwords are needed in clear text to calculate OTP values or to connect to user stores. So these values need to be stored in a decryptable way.
16.12.2. Token Hash Algorithms¶
OTP values according to HOTP and TOTP can be calculated using SHA1, SHA2-256 and SHA2-512.
16.12.3. PIN Hashing¶
Token PINs are managed by privacyIDEA as the first of the two factors. Each token has its own token PIN. The token PIN is hashed with Argon2 (9 rounds) and stored in the Token database table.
This PIN hashing is performed in lib.crypto:hash.
16.12.4. Administrator Passwords¶
privacyIDEA can manage internal administrators using The pi-manage Script. Internal administrators are stored in the database table Admin.
The password is stored using Argon2 (9 rounds) with an additional pepper. While Argon2 uses a salt which is stored in the Admin table created randomly for each admin password the pepper is unique for one privacyIDEA installation and stored in the pi.cfg file.
This way a database administrator is not able to inject rogue password hashes.
The admin password hashing is performed in lib.crypto:hash_with_pepper.
16.12.5. Audit Signing¶
The audit log is digitally signed. (see Audit and The Config File).
The audit log can be handled by different modules. privacyIDEA comes with an SQL Audit Module.
For signing the audit log the SQL Audit Module uses the RSA keys specified with the values PI_AUDIT_KEY_PUBLIC and PI_AUDIT_KEY_PRIVATE in The Config File.
By default the installer generates 2048bit RSA keys.
The audit signing is performed in lib.crypto:Sign.sign using SHA2-256 as hash function.