@node EBlob
+@cindex eblob
+@cindex encrypted configuration
@unnumbered EBlob format
-Eblob is an encrypted blob (binary large object, in the terms of
+EBlob is an encrypted blob (binary large object, in the terms of
databases), holding any kind of symmetrically encrypted data with the
passphrase used to derive the key. It is used to secure configuration
files, holding valuable private keys, allowing them to be transferred
low-entropy characters. Low-entropy text is much more easier to
remember, and its length provides pretty enough entropy as a result.
+@cindex password
+@cindex balloon
+@cindex Argon2
Password strengthening function is applied to that passphrase to
mitigate brute-force and dictionary attacks on it. Here,
@url{https://crypto.stanford.edu/balloon/, Balloon} memory-hard password
(@url{https://password-hashing.net/, Password Hashing Competition}
winner).
-Eblob is an @url{https://tools.ietf.org/html/rfc4506, XDR}-encoded structure:
+EBlob is an @url{https://tools.ietf.org/html/rfc4506, XDR}-encoded structure:
@verbatim
+-------+------------------+------+
@end multitable
@enumerate
-@item generate the main key using @code{balloon(BLAKE2b-256, S, T, P,
-salt, password)}
-@item initialize @url{https://blake2.net/, BLAKE2Xb} XOF with generated
-main key and 32-byte output length
-@item feed @verb{|N N C P B 0x00 0x00 0x03|} magic number to XOF
-@item read 32-bytes of blob AEAD encryption key
+@item generate the key using @code{balloon(BLAKE2b-256, S, T, P, salt, password)}
@item encrypt and authenticate blob using
@url{https://cr.yp.to/chacha.html, ChaCha20}-@url{https://en.wikipedia.org/wiki/Poly1305, Poly1305}.
- Blob is splitted on 128 KiB blocks. Each block is encrypted with
- increasing nonce counter. Eblob packet itself, with empty blob
- field, is fed as an additional authenticated data
+ EBlob packet itself, with empty blob field, is fed as an additional authenticated data
@end enumerate