Can we trust onetimesecret?

Key exchange is routinely done without using external services, by using cryptography. The most popular key exchange algorithm is Diffie-Hellman.

Quoting Wikipedia:

The Diffie–Hellman key exchange method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel.

If you use Diffie-Hellman, don't use the anonymous version, but either fixed or ephemeral DH. See this answer.

Clearly, don't roll your own cryptography for anything real (i.e. outside of self study). Use something like OpenSSL for that.


What is the better alternative to exchange a key?

Better in what way? Security? Simplicity?

In the case of security, have multple methods of key transmission.

For example, give 10 characters through phone, 10 characters through text, some more through onetimesecret, some more through another website (for example, https://read-once.info).

This way, even if one of the website/method of transmission is untrusted, they do not have the full key, but only a small part of it.

Of course, instead of plain text, you can also encrypt it first with Alice's public key. If you'd like, you can also give useless (or not enough) information for Alice to easily find the right key.

For example, give Alice "ABC", "123", "!@#" and "XYZ" through different methods of transmission when the full key is "XYZ123ABC" ("!@#" not used).

That is, have Alice permute all the given pieces.


I wouldn't trust a third party for storing secrets, however I do like the convenience of being able to share via a URL link.

To try to get the best of both worlds, I wrote self-destruct-o (https://self-destruct-o.control-alt-del.org/).

It's similar in concept to onetimesecret but with a few advantages:

  • It's trivial to run your own instance, code and instructions here: https://github.com/marksteele/self-destruct-o
  • No servers required! (although you will need an Amazon AWS account). The backend can run in the free tier!
  • When providing a passphrase for the secret, it derives an encryption key from the passphrase and then encrypts the value using AES-256 in CBC mode in your browser prior to sending it to the backend service.

You can email the link, and share the passphase over a second channel (eg: phone, sms) and can be sure nobody can intercept the secret.

More details here: https://www.control-alt-del.org/post/one-time-password-sharing-securely/

Tags:

Key Exchange

Related

Can Someone Fake A PHP Session Variable How to handle emails as usernames under GDPR? Is there any security risk when a certificate authority is used more than all others? Received a set of SMS/MMS containing 2 photos, a voice message, and a text "I need help" with Google Maps link from a known contact. Is it spam? Why use usernames and not just email addresses to identify users? What is the difference between "Incident", "Attack" and "event"? Why would I ever use AES-256-CBC if AES-256-GCM is more secure? What are the real physical risks of casual social media publishing? Secure way of masking out sensitive information in screenshots? If I'm PCI-DSS compliant, do I need to worry about GDPR? Why don't browsers block cross-site POSTs by default? Why has Ubuntu 18.04 moved back to insecure Xorg?

Recent Posts