# Schema and Encryption
This document explains how the data on the QR-Code is structured and how it is encrypted.
## Encryption
OffPass encrypts with **AES-256 CBC**. The key is derived from the master password with the **Argon2id** password hash.
### Passphrase
The passphrase is what the AES key is derived from; the master password you type is never used as the key directly.
OffPass appends a salt (a random sequence of characters, stored in the clear in the QR-Code, see the schema below) to the passphrase and hashes the result with Argon2 for about 25 iterations. (The section above names the `Argon2id` variant and this one originally said `Argon2i`; the implementation uses one of them, and the two names should agree.) The output is a 256-bit value (64 hex characters) such as `29dbf5392f13f36d7e9509b1a5c9add0d6a8e2625b5e84ab4d1df8da6063625d`.
This derived value, not your plain password, is the AES-256 key.
Deriving one key takes **more than one second**.
Attackers use password dictionaries with millions of entries. With this cost they pay more than a second per guess, so running a whole dictionary against one QR-Code becomes impractically slow, and the salt stops them from computing the keys once and reusing them against many QR-Codes.
This does not rescue a weak master password: a password near the top of such a list is still found quickly.
## QR-Code schema
### Plain
```txt
Type_Indicator:IV:Salt:Encrypted_Content
Example:
op1:jI49Az0M1337leet:uZNqq901:YhSRA+nTiZxNfxUIhiJBSsPLTkACMRkbPbLtVbtUnGh3AKJkvQfXWitSUWNq83YjSuKqK64SbB+DygCPxkx6sJ9U0FsO3Waqb3tYn0JRQdEak9INiWx06WQeLsTQcoG2pibOhOZlyiHtZmBj+Ul//lIdYRnmdRgsxYlcYOthiIY=
```
An OffPass QR-Code must follow this data schema, or OffPass will not be able to read it. The IV and the salt are stored in the clear; they are not secrets, only the derived key is. Note that the schema carries no authentication tag: AES-CBC provides confidentiality but not integrity, so a modified ciphertext is not detected by the cipher itself.
**The following examples show the data after decryption.**
```txt
title|username|password|email|website_url|(custom1)data1|(custom2)data2
```
Two examples:
```txt
Main Steam Account|mondei1|super_secret_example123|info@example.de|https://store.steampowered.com/login/|(2fa_b)R1337|()Foo question%Bar answer
ProtonMail||mail_pw123|klier.nicolas@protonmail.com||
```
### Custom/Optional fields
Custom fields use the form `(name)value`. You can either define your own names or use the optional fields below, which OffPass recognises and treats specially.
List of optional fields:
* `2fa` - Two-factor authentication secret, starting like `otpauth://totp/...`
* `2fa_b` - Backup codes for two-factor authentication
* `email_b` - Backup email address
* `()QUESTION%ANSWER` - Security question with its answer. **The brackets must be empty**; the `%` separates the question from the answer.
### Compression
It is possible to compress QR-Codes. Instead of writing a full value to the QR-Code you write a short random string (the compression key) in its place.
OffPass itself keeps a database that maps each compression key to the corresponding value, stored encrypted.
For every QR-Code the program generates a `session key` (fixed length of 10 characters) that is unique to that code.
The session key is stored inside the encrypted data field and is the key that decrypts that code's values in the database.
**Even if someone steals your database, they cannot read the compressed values without the session key, which exists only inside the encrypted QR-Code.**
A compressed value is written as `§key`; the session key is written as `%session_key%` and always comes first, before the title.
Keep in mind that OffPass refuses to compress the title, password and username, so you keep access to those even if you lose
access to your compression database.
Example (the first line is what is stored in the QR-Code, the second is what OffPass shows after expanding it):
```txt
%uI5Np98jAz%Google|mondei1|passwords_not2134|email_too@example.com|§q|(§a)§gh|(uncompressed)value
-> %uI5Np98jAz%Google|mondei1|passwords_not2134|email_too@example.com|https://accounts.google.com|(2fa_backup)245131,...|(uncompressed)value
```
This has two advantages:
* An attacker who manages to decrypt a QR-Code still cannot read the compressed values without the database
* You fit more data on one QR-Code
But one disadvantage:
* **If you lose access to the compression database, you also lose access to the compressed values, but not to your title, username or password.**
### Reserved characters
These characters are reserved and cannot be used in any fields: `|%§`
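As an added example that is not OffPass's own code, here is a parser for the decrypted record format described in the three sections above: the five core fields, `(name)value` custom fields including the empty-name security question, expansion of `§key` references through a compression database under the `%session_key%` prefix, the rule that title, username and password are never compressed, and the reserved-character check applied to every resulting value. The page does not say how the session key decrypts database rows, so the per-row cipher used here (a SHA-256 counter keystream) is a stand-in assumption, and the session key, database rows and records are constructed for the example.

```python
import hashlib
from dataclasses import dataclass, field

RESERVED = set("|%§")                     # separators; must not occur in any value
CORE = ("title", "username", "password", "email", "website_url")
NEVER_COMPRESSED = {"title", "username", "password"}
OPTIONAL = {"2fa", "2fa_b", "email_b"}    # custom names OffPass treats specially
SESSION_KEY_LEN = 10


@dataclass
class Entry:
    title: str
    username: str
    password: str
    email: str
    website_url: str
    custom: dict = field(default_factory=dict)      # includes the OPTIONAL names
    questions: list = field(default_factory=list)   # (question, answer) pairs


def _keystream(session_key: str, data: bytes) -> bytes:
    """Stand-in for the undocumented per-QR-Code cipher on database rows (assumption):
    XOR with a SHA-256 counter keystream. Symmetric, so it encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(session_key.encode() + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def build_database(session_key: str, rows: dict) -> dict:
    """Constructed helper so the example runs offline: compression key -> encrypted value."""
    return {key: _keystream(session_key, value.encode()) for key, value in rows.items()}


def _expand(token: str, session_key, db: dict):
    """Resolve a `§key` reference through the database; plain text passes through.
    Returns (text, was_compressed)."""
    if not token.startswith("§"):
        return token, False
    if session_key is None:
        raise ValueError("compressed value but no %session_key% prefix")
    key = token[1:]
    if key not in db:
        raise KeyError(f"compression key {key!r} not in database")
    try:
        return _keystream(session_key, db[key]).decode(), True
    except UnicodeDecodeError:
        raise ValueError("database row does not decrypt with this session key") from None


def _check_reserved(text: str, where: str) -> str:
    if RESERVED & set(text):
        raise ValueError(f"reserved character in {where}: {text!r}")
    return text


def parse_entry(plain: str, db=None) -> Entry:
    """Parse one decrypted OffPass record, expanding compressed fields if present."""
    db = db or {}
    session_key = None
    if plain.startswith("%"):
        end = plain.find("%", 1)
        if end != SESSION_KEY_LEN + 1:
            raise ValueError(f"session key must be exactly {SESSION_KEY_LEN} characters")
        session_key, plain = plain[1:end], plain[end + 1:]
    parts = plain.split("|")
    if len(parts) < len(CORE):
        raise ValueError("record needs at least the five core fields")
    core = {}
    for name, raw in zip(CORE, parts):
        value, compressed = _expand(raw, session_key, db)
        if compressed and name in NEVER_COMPRESSED:
            raise ValueError(f"{name} must never be compressed")
        core[name] = _check_reserved(value, name)
    entry = Entry(**core)
    for raw in parts[len(CORE):]:
        if raw == "":                     # trailing empty slot, as in `...||`
            continue
        if not raw.startswith("(") or ")" not in raw:
            raise ValueError(f"custom field must look like (name)value: {raw!r}")
        name_raw, value_raw = raw[1:].split(")", 1)
        name = _check_reserved(_expand(name_raw, session_key, db)[0], "custom name")
        value, _ = _expand(value_raw, session_key, db)
        if name == "":                    # security question: QUESTION%ANSWER
            question, sep, answer = value.partition("%")
            if not sep:
                raise ValueError("security question needs a % separator")
            entry.questions.append((_check_reserved(question, "question"),
                                    _check_reserved(answer, "answer")))
        else:
            entry.custom[name] = _check_reserved(value, name)
    return entry


def is_valid_entry(plain: str, db=None) -> bool:
    """True when the record parses cleanly; malformed or tampered input is rejected."""
    try:
        parse_entry(plain, db)
        return True
    except (ValueError, KeyError):
        return False
```

The reserved-character check runs on the values *after* expansion, so a database row cannot smuggle a `|` or `%` into a record either. Note that `OPTIONAL` is only a lookup set here: the parser keeps optional and custom fields together in `Entry.custom`, and the caller decides what to do with `2fa`, `2fa_b` and `email_b`.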
### Type indicator
OffPass first checks whether the scanned QR-Code is actually an OffPass QR-Code by looking at the type indicator in front of the first colon:
```txt
op1:...
```
The `op1:` prefix tells the program that this is an OffPass QR-Code and which schema version it uses. If it is missing, OffPass aborts further steps and notifies the user that this is not an OffPass QR-Code.
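The outer envelope and the type-indicator check, as an added example that is not OffPass's own code: it splits `Type_Indicator:IV:Salt:Encrypted_Content`, refuses anything without an `op<version>:` prefix before doing anything else, and checks the sizes AES-CBC implies (a 16-byte IV, a base64 ciphertext that decodes to whole blocks). Key derivation with Argon2 and the AES decryption itself are left out, since they need a third-party library; `SAMPLE_QR` is the example QR-Code text from this page, and the `op<version>` generalisation and the `SUPPORTED_VERSIONS` set are assumptions, as only `op1` is documented.

```python
import base64
import binascii

AES_BLOCK = 16            # AES-CBC: IV is one block, ciphertext is whole blocks
SUPPORTED_VERSIONS = {1}  # assumption: only the documented `op1` schema

# The example QR-Code text from this page.
SAMPLE_QR = ("op1:jI49Az0M1337leet:uZNqq901:"
             "YhSRA+nTiZxNfxUIhiJBSsPLTkACMRkbPbLtVbtUnGh3AKJkvQfXWitSUWNq83YjSuKqK64SbB"
             "+DygCPxkx6sJ9U0FsO3Waqb3tYn0JRQdEak9INiWx06WQeLsTQcoG2pibOhOZlyiHtZmBj+Ul//"
             "lIdYRnmdRgsxYlcYOthiIY=")


class NotOffPassCode(ValueError):
    """The scanned text carries no OffPass type indicator; processing stops here."""


def type_version(text: str):
    """Return the version number from an `opN:` prefix, or None when it is absent."""
    head, sep, _ = text.partition(":")
    if sep and head.startswith("op") and head[2:].isdigit():
        return int(head[2:])
    return None


def is_offpass_code(text: str) -> bool:
    """The first check OffPass performs on a scanned code."""
    return type_version(text) is not None


def parse_envelope(text: str) -> dict:
    """Split the envelope and sanity-check each part. Returns the raw pieces that
    the Argon2 key derivation and AES-CBC decryption consume next."""
    version = type_version(text)
    if version is None:
        raise NotOffPassCode("not an OffPass QR-Code: missing 'op<version>:' indicator")
    if version not in SUPPORTED_VERSIONS:
        raise ValueError(f"unsupported OffPass schema version op{version}")
    parts = text.split(":")   # base64 never contains ':', so exactly four parts
    if len(parts) != 4 or not all(parts):
        raise ValueError("expected exactly Type_Indicator:IV:Salt:Encrypted_Content")
    _, iv, salt, enc = parts
    if len(iv.encode()) != AES_BLOCK:
        raise ValueError(f"IV must be {AES_BLOCK} bytes, got {len(iv.encode())}")
    try:
        ciphertext = base64.b64decode(enc, validate=True)
    except binascii.Error as exc:
        raise ValueError("Encrypted_Content is not valid base64") from exc
    if not ciphertext or len(ciphertext) % AES_BLOCK:
        raise ValueError("ciphertext is not a whole number of AES blocks")
    return {"version": version, "iv": iv.encode(), "salt": salt.encode(),
            "ciphertext": ciphertext}


if __name__ == "__main__":
    env = parse_envelope(SAMPLE_QR)
    print(env["version"], env["iv"], env["salt"], len(env["ciphertext"]), "bytes")
```

Because the cipher carries no integrity tag, these size checks are the only structural validation available before decryption; a wrong master password or a tampered code can only be noticed afterwards, when the padding or the decrypted record fails to parse.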