JamieDriver
commented
1 year ago As it stands the server serves a (initially randomly generated, but then persisted) 32-byte key when a correct PIN is given. If an incorrect PIN is given a random 32-bytes is returned. (This is to make attacks more difficult, as an attacker can't probe with random PINs looking for 'pin incorrect' error responses).
This 32-bytes should be combined with the PIN client side, to yield an AES key, or something very similar, which you can then use client side.
There is no option to push explicit data to the server as it stands.
eg.
- user enters PIN
- client salts/hashes in some way, and sends to PINserver as the 32-byte 'pin_secret' (hashed so an attacker can't obtain the numeric PIN from pin-secret, and salted so attacker can't tell if two users have the same PIN or brute force for the hashes of the 1million PINs).
- server returns 32-byte response (ie. persisted key entropy if pin correct, random noise if bad)
- client combines entered PIN with returned 32-bytes to get local key, eg. hmac(server_data, pin) (so attacker can't deduce local key from seeing value returned by server).
- use key to check an hmac or similar, to verify key same as was used to previously encrypt (will fail if PIN was incorrect and returned server-data was junk)
- use key to unlock/decrypt locally persisted data
Hi,
I am having trouble setting up a pin server for personal use out side of jade wallet. Is there documentation on the server API calls?
If not I'd like to just be able to store a bit of data in the server that can only be fetched via the pin.
Thanks!