<div dir="ltr">I thought we all assumed 'security questions' are just security vulnerabilities, and just fill them in with `crypto.randomBytes(64)`.<br></div><br><div class="gmail_quote"><div dir="ltr">On Mon, Aug 22, 2016 at 5:59 PM Julien Vehent <<a href="mailto:jvehent@mozilla.com">jvehent@mozilla.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Tue 23.Aug'16 at 10:48:28 +1000, Ryan Kelly wrote:<br>
> On 23/08/2016 10:43, Richard Newman wrote:<br>
> > Under the hood there would be a bunch of shamir's secret sharing and key<br>
> > wrapping palaver to actually make things go.<br>
> ><br>
> > You mean like wrapping the user's kB with their own kA (prove ownership<br>
> > of your account) plus your friend's kB (prove non-resetness of their<br>
> > account)? Yeah, that's a dance, but it could work :)<br>
><br>
> Right, something like that. Alternately, wrap kB with an escrow<br>
> recovery key kR, shamir split the secret kR, and encrypt the different<br>
> parts of it in different ways - one part with the user's kA, one part o<br>
> with the buddy's kB, one part with answers to security questions, etc.<br>
><br>
> But at that point I may be wandering into "fun crypto games" territory<br>
> rather than "solve a user problem" territory, which does happen to me<br>
> sometimes :-P<br>
<br>
Just to be a downer here (apologies in advance).<br>
<br>
I think that works great in theory. In practice we would end up with<br>
a bunch of users who listed their ex-spouse who left with the dog and<br>
the microwave 2 years ago and can't be reached out. I can already see<br>
the bugs coming into triage...<br>
<br>
I like the algorithm Richard described, but as a user, I rarely remember<br>
any of my security answers. To the point that I write them down in an<br>
encrypted file. I'd be curious to know how non-tech users handle them.<br>
<br>
- Julien<br>
_______________________________________________<br>
Sync-dev mailing list<br>
<a href="mailto:Sync-dev@mozilla.org" target="_blank">Sync-dev@mozilla.org</a><br>
<a href="https://mail.mozilla.org/listinfo/sync-dev" rel="noreferrer" target="_blank">https://mail.mozilla.org/listinfo/sync-dev</a><br>
</blockquote></div>