republique-et-canton-de-geneve / chvote-1-0

The Geneva electronic vote system, version 1.
https://republique-et-canton-de-geneve.github.io/chvote-1-0
GNU Affero General Public License v3.0

Update password specifications #15

Closed EdOverflow closed 7 years ago

EdOverflow commented 7 years ago

CHVote currently requires a password length of 9-10 characters. On top of that, your composition rules state that the password must contain at least one uppercase character, one lowercase character and one digit. This is not a good password guideline and I think this needs to be updated.

private static boolean isPasswordValid(String newValue) {
    // Length should be between 9 and 10 (incl)
    boolean validLength = newValue.length() >= 9 && newValue.length() <= 10;
    // Password should contain at least one upper, one lower and one digit
    boolean validPattern = newValue.matches(".*[A-Z].*") && newValue.matches(".*[a-z].*") && newValue.matches(".*[0-9].*");
    return validLength && validPattern;
}

Link: https://github.com/republique-et-canton-de-geneve/chvote-1-0/blob/master/admin-offline/src/main/java/ch/ge/ve/offlineadmin/controller/PasswordDialogController.java#L56-L62

In case you missed it, NIST updated their password guidelines here: https://pages.nist.gov/800-63-3/sp800-63b.html#memorized-secret-verifiers

Verifiers SHOULD permit user-chosen memorized secrets to be at least 64 characters in length.

All printing ASCII [RFC 20] characters as well as the space character SHOULD be acceptable in memorized secrets; Unicode [ISO/ISC 10646:2014] characters SHOULD be accepted as well.

Verifiers SHOULD NOT impose other composition rules (mixtures of different character types, for example) on memorized secrets.
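The following is an added example, not code from the CHVote project or from anyone in this thread. It places the rule quoted above (reproduced as isPasswordValidLegacy) beside a verifier that follows the SP 800-63B memorized-secret guidance cited here: a minimum of 8 characters for user-chosen secrets, a maximum of at least 64, all printing ASCII, space and Unicode accepted, no composition rules, and rejection of values on a list of commonly used or compromised secrets (also from the same NIST section). The class name, the 128-code-point cap and the three-entry deny list are assumptions made for the illustration.

```java
import java.text.Normalizer;
import java.util.Locale;
import java.util.Set;

public final class MemorizedSecretPolicy {

    // The rule quoted in the issue: 9-10 characters, at least one upper, one lower, one digit.
    static boolean isPasswordValidLegacy(String newValue) {
        boolean validLength = newValue.length() >= 9 && newValue.length() <= 10;
        boolean validPattern = newValue.matches(".*[A-Z].*")
                && newValue.matches(".*[a-z].*")
                && newValue.matches(".*[0-9].*");
        return validLength && validPattern;
    }

    // SP 800-63B: at least 8 characters when chosen by the user.
    private static final int MIN_CODEPOINTS = 8;
    // SP 800-63B: any upper bound must be at least 64; 128 is an assumed value for this example.
    private static final int MAX_CODEPOINTS = 128;
    // Constructed stand-in for a real commonly-used/compromised-secret list.
    private static final Set<String> DENY_LIST = Set.of("password", "123456789", "qwertyuiop");

    // NIST-aligned verifier: length is counted in Unicode code points after NFKC
    // normalisation (String.length() counts UTF-16 units, so "Genève" would be
    // miscounted for some inputs), control characters are rejected, everything
    // else is accepted, and no character-class mix is demanded.
    static boolean isPasswordValidNist(String secret) {
        if (secret == null) {
            return false;
        }
        String normalized = Normalizer.normalize(secret, Normalizer.Form.NFKC);
        int length = normalized.codePointCount(0, normalized.length());
        if (length < MIN_CODEPOINTS || length > MAX_CODEPOINTS) {
            return false;
        }
        if (normalized.codePoints().anyMatch(Character::isISOControl)) {
            return false;
        }
        return !DENY_LIST.contains(normalized.toLowerCase(Locale.ROOT));
    }

    public static void main(String[] args) {
        // Constructed sample secrets: one that only the legacy rule accepts the
        // shape of, a long passphrase, a Unicode value, and a deny-listed value.
        String[] samples = {
            "Abcdefg12",
            "correct horse battery staple",
            "Sécurité-Genève-2017",
            "password"
        };
        for (String s : samples) {
            System.out.printf("%-32s legacy=%-5s nist=%s%n",
                    s, isPasswordValidLegacy(s), isPasswordValidNist(s));
        }
    }
}
```

Running main prints a line per sample: the 9-character mixed value passes both checks, the 28-character passphrase and the accented value fail only the legacy rule (length), and "password" fails only the NIST-aligned rule (deny list). The deliberate omission of composition rules is the point of the quoted NIST sentence; length and a deny list carry the strength requirement instead.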

chvote-etat-de-geneve commented 7 years ago

Hi,

Thank you for your feedback and for your interest. However, a bit of context is necessary in order to better understand this point.

The actual password is composed of two halves, entered by two independent teams of elected officials and then combined, as shown in KeyGenerationController.java#L109. Thus the resulting password is between 18 and 20 characters.

Those passwords are generated during the vote preparation phase, and used to secure the electoral board private key, the copies of which are securely held by other independent groups of people. The key is unlocked during the tallying phase, usually about 1 month after the passwords have been generated. During this time, the key is never available in any connected equipment, and not susceptible to brute-force attacks.

Furthermore, the users of this feature are a predetermined and restricted group of elected officials, who may request a change to the format of the passwords.

In this context, we consider the entropy of the combined password sufficient and see no reason to force a change upon the users. However, if the application starts being used in a wider context, it would probably become interesting to provide configuration properties so that each election authority may define the format required by their elected officials.

kaworu commented 7 years ago

Those passwords are generated during the vote preparation phase, and used to secure the electoral board private key […]

Can you elaborate on how they are generated? By that question I mean are they chosen by the elected officials teams, or someone else, or actually randomly generated?

chvote-etat-de-geneve commented 7 years ago

They are chosen by the elected officials teams to protect a randomly generated private key, wrapped in a keystore.

EdOverflow commented 7 years ago

First off, thank you for the context and clarification. I am thoroughly impressed by the responses from your team.

Now concerning the issue here: If, as you stated, elected officials teams are in charge of picking a password, do they have to memorise this password? If so, we should be focusing on this particular point:

Verifiers SHOULD NOT impose other composition rules (mixtures of different character types, for example) on memorized secrets.

kaworu commented 7 years ago

@EdOverflow The system overview document suggests that they don't need to memorize them:

https://github.com/republique-et-canton-de-geneve/chvote-1-0/blob/master/docs/system-overview.md#phase-2-ballot-box-sealing The Electoral Board passphrases are kept stored on paper forms, themselves stored in sealed letters kept safe by a notary.

EdOverflow commented 7 years ago

Thanks @kAworu! In that case this isn't an issue.