The pass phrase is central to the system’s security. A strong pass phrase is vital for sufficient encryption strength. However, a strong pass phrase can be hard to remember, and all data would be worthless without the exact pass phrase. Thus, a secure pass phrase recovery system has been implemented.
When a pass phrase is created or changed, the user answers several security questions. An encryption key is derived from those answers and used to encrypt the pass phrase. A new random 256-bit encryption key is then generated, and the already-encrypted pass phrase is encrypted again with it. That 256-bit key is in turn encrypted with a 3072-bit RSA public key, whose associated private key is itself encrypted and secured by an extremely secure pass phrase known only to master technicians.
Pass phrases are stored on the server in this doubly encrypted form. To recover a pass phrase, the client program generates a random 3072-bit RSA key pair and sends the public key in the request file to the server, ensuring that only the client that generated the recovery request can attempt to recover the pass phrase. A master technician decrypts the outer layer and re-encrypts it with a new random symmetric key, encrypting that new symmetric key with the public RSA key from the recovery request. The client program downloads the response and decrypts the outer layer. The user must then correctly answer the security questions, which allows the inner layer to be decrypted and the plaintext pass phrase to be recovered. The pass phrase stored on the server is therefore secure, since recovery requires the cooperation of both a master technician and the end user, and only the end user ever sees the recovered pass phrase.