# Schema and Encryption This document explains how the schema on the QR-Code is built and how it's encrypted. ## Encryption OffPass uses **AES-256 CBC** as encrpytion. The key is calculated by the **Argon2id** hash algorithm. ### Passphrase The passphrase is the actual key which is used for encrpytion. But we don't use your entered master password directly. We append a salt, which is a random sequence of characters, to your passphrase and then we hash it with `Argon2i` about 25 times. This gives use an output like this: `29dbf5392f13f36d7e9509b1a5c9add0d6a8e2625b5e84ab4d1df8da6063625d`. This value will be used as encryption key, not your plain password. The creation of such a hash takes about **more then one second**. Attackers are using password dictionaries with millions of passwords. Creating such a hash for each password in there would take **forever**. ## QR-Code schema ### Plain ```txt Type_Indicator:IV:Salt:Encrypted_Content Example: op1:jI49Az0M1337leet:uZNqq901:YhSRA+nTiZxNfxUIhiJBSsPLTkACMRkbPbLtVbtUnGh3AKJkvQfXWitSUWNq83YjSuKqK64SbB+DygCPxkx6sJ9U0FsO3Waqb3tYn0JRQdEak9INiWx06WQeLsTQcoG2pibOhOZlyiHtZmBj+Ul//lIdYRnmdRgsxYlcYOthiIY= ``` An OffPass QR-Code must follow this data schema or else OffPass wouldn't be able to read it. **The following examples shows data after decryption.** ```txt title|username|password|email|website_url|(custom1)data1|(custom2)data2 ``` Two examples: ```txt Main Steam Account|mondei1|super_secret_example123|info@example.de|https://store.steampowered.com/login/|(2fa_b)R1337 ProtonMail||mail_pw123|klier.nicolas@protonmail.com|| ``` ### Optional fields You can either define your own custom fields or use optional fields, which OffPass treats differently. List of optional fields: * `2fa` - Two factor authentication secret that starts like otpauth://totp/... * `2fa_b` - Backup codes for two factor authentication * `email_b` - Backup email address ### Compression It is possible to compress QR-Codes. Instead of writing all data to the QR-Code you can write random strings (=key) to it. OffPass itself holds a database of those random strings and the corresponding encrypted value. The program generates a `session key` (fixed length of 10 characters) which is unique for each QR-Code. This session key is stored on inside the encrypted data field and is used to decrypt the raw values in database. **Not even If someone stells your database he wouldn't be able to read your compressed strings.** The compression key is stored like that: `§key`, the decryption key is stored like that: `%decryption_key%` always at the beginning. Please keep in mind that OffPass prevents you from compressing your title, password and username in case you lose access to your compression database. Eexample: ```txt %session_key%§xa|mondei1|passwords_not2134|email_too@example.com|§q|(§a)§gh|(uncompressed)value -> %uI5Np98jAz%Google|mondei1|passwords_not2134|email_either@example.com|https://accounts.google.com|(2fa_backup)245131,...|(uncompressed)value ``` This can has two advantages: * An attacker can't read compressed values If he is able to decrypt a QR-Code (he would need the database) * You can get more data on one QR-Code But one disadvantage: * **If you lose access to the compression database, you also lose access to those compressed values. But not to your password.** ### Reserved characters These characters are reserved and cannot be used in any fields: `|%§` ### Type indicator OffPass will first look if the scanned QR-Code is actually an OffPass QR-Code. This is done by checking the first three charcters: ```txt op1:... ``` This `op1:` tells the program that this is actully a OffPass QR-Code and which version. If this is not present, OffPass will abort further steps and notify the user that this is not an OffPass QR-Code.