1 General Security Principles
1.1 Protection of User Data in Dashlane
Protection of user data in Dashlane relies on 4 separate secrets:
• The User Master Password:
▷ It is never stored on Dashlane servers, nor are any of its derivatives (including
hashes).
▷ By default, it is not stored locally on disk on any of the user’s devices; we
simply use it to encrypt and decrypt the local files containing the user data.
▷ It is stored locally upon user request when enabling the feature “Remember
my Master Password”.
▷ In addition, we ensure that the user’s Master Password is never transmitted
over the internet [1].
[1] The only derivative of it that is sent over the Internet is the final encrypted vault; see the next paragraphs for how we ensure its resilience to attacks.
• In some cases (local storage), we use an Intermediate Key (random 32-byte) encrypted with the derived Master Password.
• A unique User Device Key for each device enabled by a user:
▷ Auto generated for each device.
▷ Used for authentication.
• A Local Secret Key, generated locally, used to secure communication between the
Dashlane application and the browser plugins. The key is exchanged using local
visual pairing (and Diffie-Hellman) when needed.
1.2 Local Access to User Data
Access to the user’s data requires the User Master Password, which is known only
by the user. It is used to generate the symmetric Advanced Encryption Standard (AES) 256-bit key for encryption and decryption of the user’s personal data on
the user’s device.
We use the WebCrypto API for most browser-based cryptography and the native libraries
for iOS and Android.
On Windows and macOS, the user’s data encryption and decryption is performed
using OpenSSL:
• A 32-byte salt is generated using the OpenSSL RAND_bytes function for the desktop apps (encrypting) or read from the AES file (decrypting).
• The User Master Password is used, with the salt, to generate the AES 256-bit
key that will be used for (en|de)cryption. We use Argon2d, by default, with the
following parameters: iterations = 3, memory = 32 MB, parallelization = 2. We also
support PBKDF2-SHA2 with 200,000 iterations.
• The 16-byte initialization vector is chosen randomly.
• Then, the data is (en|de)crypted using AES CBC-HMAC mode.
• When encrypting, the salt and the Initialization Vector (IV) are written in the AES
file.
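The steps above, sketched as an added example with Node's built-in crypto module (not Dashlane's code). It uses the PBKDF2 option with 200,000 iterations rather than the default Argon2d to stay dependency-free; the SHA-256 variant, the SHA-512 split into separate AES and HMAC keys, and the `salt | IV | HMAC | ciphertext` layout are assumptions, since the paper does not specify them.

```javascript
// Added example: constructed blob layout and key split, not Dashlane's AES file format.
const nodeCrypto = require('node:crypto');

const SALT_LEN = 32, IV_LEN = 16, MAC_LEN = 32;
const PBKDF2_ITERATIONS = 200000; // PBKDF2 setting stated in the paper

// Derive the 256-bit key from the Master Password and salt, then expand it
// into independent AES and HMAC keys (assumption: SHA-512 expansion).
function deriveKeys(masterPassword, salt) {
  const key = nodeCrypto.pbkdf2Sync(masterPassword, salt, PBKDF2_ITERATIONS, 32, 'sha256');
  const expanded = nodeCrypto.createHash('sha512').update(key).digest();
  return { encKey: expanded.subarray(0, 32), macKey: expanded.subarray(32) };
}

// Encrypt-then-MAC: the tag covers the IV and the ciphertext.
function macOver(macKey, iv, ciphertext) {
  return nodeCrypto.createHmac('sha256', macKey).update(iv).update(ciphertext).digest();
}

// Encrypting: fresh random salt and IV on every write, both stored in the blob.
function encryptVault(masterPassword, plaintext) {
  const salt = nodeCrypto.randomBytes(SALT_LEN);
  const iv = nodeCrypto.randomBytes(IV_LEN);
  const { encKey, macKey } = deriveKeys(masterPassword, salt);
  const cipher = nodeCrypto.createCipheriv('aes-256-cbc', encKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([salt, iv, macOver(macKey, iv, ciphertext), ciphertext]);
}

// Decrypting: read salt and IV back, verify the HMAC before any CBC decryption.
function decryptVault(masterPassword, blob) {
  if (blob.length < SALT_LEN + IV_LEN + MAC_LEN + 16) throw new Error('truncated vault');
  const salt = blob.subarray(0, SALT_LEN);
  const iv = blob.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const mac = blob.subarray(SALT_LEN + IV_LEN, SALT_LEN + IV_LEN + MAC_LEN);
  const ciphertext = blob.subarray(SALT_LEN + IV_LEN + MAC_LEN);
  const { encKey, macKey } = deriveKeys(masterPassword, salt);
  if (!nodeCrypto.timingSafeEqual(mac, macOver(macKey, iv, ciphertext))) {
    throw new Error('authentication failed: wrong password or modified file');
  }
  const decipher = nodeCrypto.createDecipheriv('aes-256-cbc', encKey, iv);
  return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
}
```

Checking the HMAC before decrypting means a wrong Master Password and a tampered file fail the same way, and no CBC padding error is ever exposed to whoever supplied the file.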
Dashlane - Security White Paper March 2021
1.3 Local Data Usage After decrypting