How can I change the encryption and hash algorithms that are used by KWallet to store passwords and other data?

Asked by Robert Simmons

I would like to be able to have control over what algorithm is used to encrypt the passwords as well as the key length and the hash algorithm. According to the KWallet Handbook "the data is encrypted with the Blowfish symmetric block cipher algorithm, the algorithm key is derived from the SHA-1 hash of the password, with a key length of 156 bits (20 bytes). The data into the wallet file is also hashed with SHA-1 and checked before the data is deciphered and accessible by the applications."

How can I change these settings to use AES-256 and SHA256?

All of the other cryptographic utilities that I use have at least a 256 bit key length. What is the point of storing the passphrase for a 256 bit key in an encrypted provider that uses a 156 bit key?

Question information

Language: English
Status: Solved
For: Ubuntu kdeutils
Assignee: No assignee
Solved by: Robert Simmons

Michael Basse (michael-alpha-unix) said :
#1

Maybe you will have a look at KeePass and KeePassX, which offer what you want. It will replace KWallet.

Robert Simmons (rsimmons0) said :
#2

I've looked into this, and keepass/keepassx is not an adequate replacement for kwallet. It is not integrated with KDE in the same way. All KDE applications talk to kwallet to store passwords, so linking Kontact, KNetworkManager, KGpg, SMTP transport password, Chrome, and others one by one is annoying. I have opened a wishlist bug at KDE about this:
https://bugs.kde.org/show_bug.cgi?id=276634

Also, the answer to my initial question I guess would be: submit wishlist bug and wait.