Passbolt
Formal Metadata
Number of Parts | 542
License | CC Attribution 2.0 Belgium: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers | 10.5446/61620 (DOI)
Transcript: English(auto-generated)
00:05
Amy? Yeah. Go ahead. Please welcome to the stage, Remy Bertot. Hi, everyone.
00:20
So I just wanted to say thank you to FOSDEM for inviting us again this year. And maybe we can acknowledge the fact that it's been two years without FOSDEM in real life, and it's really nice to see you. And thanks a lot to the volunteers and the organizers of FOSDEM. Maybe we can give them a quick round of applause
00:40
because they are doing an amazing job. Thank you, guys. So this is the original Passbolt team in 2017, just after the first launch of Passbolt. And the team has grown quite a bit since. And it's nice to see you all. So who's using a password manager in the room?
01:01
Wow. Amazing. Who's using KeePass? Quite a bit. And Vaultwarden, Bitwarden? Nobody's perfect. Passbolt? I'm glad to see the Passbolt developers raising their hands.
01:21
So you're like, OK, wait. Another password manager? Or is Passbolt different? Well, to assess the difference, we will start first with the security. I will tell you a little bit about what the differences are in terms of security between Passbolt and other, more classic password managers. So one of the main aspects of Passbolt
01:41
is it is based on OpenPGP. So it's based on public key cryptography. Who knows a little bit about OpenPGP? OK, quite a bit. So I don't need to explain so much. But traditional password managers use a master password, the master key that is generated
02:00
from the user password. And then you have a derivation. They use a key derivation function. So Argon2 or something less strong. So for example, KeePass uses Argon2. And LastPass uses PBKDF2. And I think Bitwarden and Vaultwarden are going to support Argon2 very soon.
02:22
But historically, these algorithms, they depend on the amount of rounds that you do, especially PBKDF2. They depend on the number of rounds that you do on the user password. And if the user password is weak, the encryption strength is also affected. So when you use a private key that is truly random,
02:43
like in Passbolt and some other password managers, like 1Password is doing that as well, they pad the user password with a random private key. You have some interesting security properties on top. So it's a little bit stronger, because it's not
03:02
depending on the user password strength. And you also have, thanks to OpenPGP being an interoperable standard, you have the ability to choose which algorithm you want to use. So for example, you could choose the size of the RSA key that you're using. Or you could opt for elliptic curve cryptography,
03:24
newer algorithms that are almost part of the OpenPGP standard. And reduce the size of the messages, so you can play a little bit with the algorithm depending on your requirements. So the way it works in Passbolt is we encrypt every secret, which
03:41
is at its baseline a JSON component. We encrypt it once per user. So it means that, for example, when you want to revoke the access of somebody, for example, this person leaves the organization and you want to make sure that their access is completely
04:02
revoked, we just have to delete the entry for that particular user. How it works with other password managers, it depends. But some of them, what they do is that they create what they call a vault or a collection. And they encrypt, a bit like in OpenPGP, a session key
04:23
with the public key of the users. So when the user leaves, they are not able to actually revoke the access. So if the user, for example, managed to get a copy of the session key, they can still access the archive later, even though they don't have the logical rights.
04:43
So having a private key is not that great when it comes to usability, because you need to transfer that key to other devices. So it makes the interaction with the system a little bit more complicated. So for example, when you use a mobile phone to transfer from your browser to the mobile phone,
05:02
we will have a succession of QR codes to make sure that we are not sending the key server side and all that. So it makes the interactions a little bit more complicated than just the user typing their password. The advantage of having public key cryptography available is that we can also change the authentication system.
05:23
So we have a challenge-based authentication system where the user needs to encrypt for the server a randomly generated token. The server will verify the signature and will send back that token. And at the same time, encrypt with the user public key
05:44
another random token that would be used by the user to authenticate later. So it's, in practice, much stronger than just sending, for example, the password or a hashed version of the password, because each authentication attempt is unique.
06:00
And you also have the advantage of checking the authority of the server at the same time. So it's not prone to credential stuffing. So you cannot, for example, try multiple passwords and try to authenticate with that. You need to prove that you have the possession of the private key twice.
06:21
Another big difference with the other password managers, especially the ones that are online, is that we force the usage of a browser extension. So this has the advantage that if the server is compromised, an attacker cannot modify the JavaScript that
06:40
is running the application. They cannot, for example, write a customization that takes the passphrase and sets it somewhere else. So if the server is compromised, they cannot change the code of the application that is run on the client. One of the advantages of this is that you can also roll out updates automatically.
07:01
So for example, if you're using Passbolt in your organization, if there is a flaw in the client, you will get the updates automatically. You don't need to update your server to get a fix on the client. So this has the disadvantage that you need to trust us with the update.
07:21
At least you need to trust the web store, or you need to basically set up the web store yourself. And also, it's not specific to Passbolt, but when you run a browser extension, typically the website can find out if you have this extension installed or not, or at least find out if you have an extension installed.
07:42
So one of the advantages of having a browser extension is you can do form interactions. So for example, you can suggest things in a form or that sort of thing. So when you see the application of Passbolt, when you visit the website, it's actually not the website
08:00
serving this application. Everything is in one iframe. And the website that is serving you is basically just a white page. And the browser extension is injecting an iframe, and the website cannot enter inside that iframe thanks to browser behaviors, how they sandbox iframes of browser
08:22
extension, because they consider this from the point of view of being on a different domain. We have also anti-phishing mechanism available by default. You've seen maybe with one password or between them, there are campaigns going on at the moment where they try to trick the users to enter their passphrase.
08:42
In the case of Passbolt, we have a mechanism built in by default. So as you can see, we are very transparent about the risk and the residual risk and the strengths of Passbolt. So we are 100% open source. We are audited at least, I think,
09:02
it was 10 times in 18 months. And we have one audit going on right now, and we have another audit at the end of February. We work mostly with Cure53, who are based in Germany, and they do a lot of auditing for password managers. So every time we release a big feature, they audit the changes.
09:21
Of course, it doesn't mean that it's perfect. We are human, so it's possible that there are some mistakes in the libraries that we use or in what we are doing. But at least we are trying to be transparent about the efforts that we make to report these vulnerabilities, if any, and fix them in a timely manner.
09:41
So OpenPGP is not perfect. You have all the algorithms that you don't want to run. So we need to also make sure that we are not letting you use bad algorithms. It's not quantum resistant. We have still a lot of metadata that are not encrypted,
10:00
but we don't offer user key rotation. So all these risks are explained to the end user. Of course, not everybody can understand this, but if you are an administrator running this, then you have access to this information. One thing I didn't mention is we are made in Luxembourg. So if you are into digital sovereignty, it might be interesting for you. So OK, in security, that was two-thirds of the talk, sorry.
10:24
But what does it look like? So it's mostly a web application. You can have it on most of the browsers, except Safari. We have a desktop app coming soon, and Android and iOS native applications. One of the strengths of Passbolt
10:42
is that you can assign permissions in a granular fashion. So since the secret is encrypted once per person per entry, we are able to do interesting user experience when it comes to sharing. So for example, we can share with groups. We can assign rights to folders.
11:01
And we can, instead of having rights at the collection level, where everybody that has access to the collection has the same rights for all the entries in the collection, we are able to do things a little bit more fine-grained. Since you are all developers, it might interest you as well that if you have curl and GPG on the system,
11:20
you can pretty much interact with Passbolt because it doesn't require any fancy technology to be able to retrieve the secret, decrypt it, or even basically push an update. So you can do some interesting things. For example, if you want to inject secrets in your pipelines or even build something with Ansible,
11:42
you can integrate with Passbolt quite easily. So as I mentioned before, we also have the quick access, which is an interaction in the page that allows you and your users, especially the non-advanced users, to be prompted to use a password manager.
12:02
We have iOS and Android apps. They are native apps. And you can use biometrics to liberate the passphrase so you don't have to type your passphrase all the time. You can host it yourself. There is no phoning home. Basically, it works offline if you want. And some of the organizations that are using Passbolt
12:22
are working in an air-gapped environment, and it works fine. We have basically packages for all distributions, but we are trying to keep up with all the versions. It's kind of complicated, so we might not have precisely the version that you want, but there is a good chance that you will find something that interests you. And we have a one-click install with AWS AMI
12:42
and DigitalOcean if you are into that kind of thing. What's cooking for 2023? So we are doing mobile-to-mobile key transfer. So we have desktop-to-mobile. We want to do mobile-to-mobile, and then mobile-to-desktop so that basically people can start their journey on Passbolt from any device and transfer their key easily.
13:00
But it's not completely there yet. We want to allow administrators to enforce MFA, even though the authentication in Passbolt is quite strong. Still, people want to tick that MFA box, and we want to give them the tools to do that. We will support passkeys and WebAuthn for 2FA as well.
13:22
There is a new website, some more great configuration stuff coming, user self-registration, desktop app. And then later on, we are going to work on password expiry. Manifest V3 is the new format that is pushed by Google for browser extensions. It brings zero value for the end user,
13:40
but Google says we have to do it. And then custom fields and more content types and the ability to choose what is encrypted or not, so that maybe your organization wants to search on certain fields. Some other organization wants to have it encrypted. So we will give you flexibility to create your own custom types and define what is searchable and what is not.
14:01
So I had a lot of slides on how it's made. Obviously, I ran out of time. But if you're interested and you want to have a chat with us on how it's made, we will be at the bar behind at 6 o'clock. And we will be giving out some swag. So we have a little fortune wheel that you can spin
14:22
and a verb that you can even win a car. OK, that's all for me. Thanks a lot.
14:41
Any questions for Remy? We have like 42 seconds. That will be a quick one. CLI, code, and browser extension, and one to apply.
15:00
Are you thinking about something like this? Yes, he's asking if it would be possible to have like one key per device instead of having one key to hold them all. And we've talked about this. And it's an interesting idea. But that would mean like a breaking change.
15:21
And so it would, yeah. But that's an interesting idea. As I mentioned, there's no key revocation at the moment. But this is also something that we want to do to allow people to rotate their keys and that sort of things. Thank you, Remy. Thank you very much.