Use base32 for recovery code generation, to avoid profanities and bias
Closed this issue · 4 comments
The algorithm we use for generating recovery codes does so by randomly generating 10 bytes, then mapping each byte onto one of the 36 alphanumeric characters:
https://github.com/mozilla/fxa-auth-db-mysql/blob/10bb799/lib/db/util.js#L114
The way this mapping is done has a slight statistical bias, since 36 does not evenly divide into 256. It also has the possibility of producing accidental profanity. Let's consider using the base32 approach that auth-server uses for unblock codes, which is unbiased and which omits the vowels most likely to produce the worst English-language profanities:
https://github.com/mozilla/fxa-auth-server/blob/master/lib/crypto/base32.js
@vbudhram I'll get @deeptibaghel to look at this
@vladikoff thanks :)
Hey @deeptibaghel thanks for taking this on. A couple of notes to help you get started
- I am in favor of removing the configuration value that defines the recovery code keyspace. I don't believe it adds as much value as I intended.
- Add a function to generate random base32 in utils, similar to auth-server base32. Since it is being used in one place, I think it would be ok to keep in utils and not be pulled into its own file.
- Update generateRecoveryCodes to use base32 and create `count` number of codes
There will be some amount of tests that also need fixing. Let me know if you have any issues!
Thanks @vbudhram ..
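The bias described in the issue and the base32 generator suggested in the notes, as an added example that is not code from this thread or from either repository. It assumes the 36-character mapping is a modulo reduction and uses the Crockford base32 alphabet as a stand-in; the `generateRecoveryCodes(count, length)` signature shown is hypothetical.

```javascript
const crypto = require('crypto');

// Assumption: Crockford base32 alphabet (no I, L, O, U); the auth-server's
// own alphabet may differ.
const BASE32 = '0123456789ABCDEFGHJKMNPQRSTVWXYZ';
const BASE36 = '0123456789abcdefghijklmnopqrstuvwxyz';

// Count how many of the 256 possible byte values land on each symbol.
function symbolCounts(alphabet, toIndex) {
  const counts = new Array(alphabet.length).fill(0);
  for (let byte = 0; byte < 256; byte++) counts[toIndex(byte)]++;
  return counts;
}

// Assumed model of the biased mapping: reduce the byte modulo 36.
const mod36 = (byte) => byte % BASE36.length;
// Unbiased mapping: keep the low 5 bits, since 32 divides 256 evenly.
const low5 = (byte) => byte & 31;

// One random byte per character; every symbol is equally likely.
function randomBase32(length) {
  const bytes = crypto.randomBytes(length);
  let out = '';
  for (const byte of bytes) out += BASE32[low5(byte)];
  return out;
}

// Hypothetical shape of the updated generator: `count` codes of `length` chars.
function generateRecoveryCodes(count, length) {
  return Array.from({ length: count }, () => randomBase32(length));
}

// Max and min hits per symbol; equal values mean a uniform mapping.
function biasReport() {
  const c36 = symbolCounts(BASE36, mod36);
  const c32 = symbolCounts(BASE32, low5);
  return {
    mod36: { max: Math.max(...c36), min: Math.min(...c36) },
    base32: { max: Math.max(...c32), min: Math.min(...c32) },
  };
}

console.log(biasReport());
console.log(generateRecoveryCodes(3, 10));
```

Under the modulo model, four of the 36 symbols are hit by 8 byte values and the rest by 7, while every base32 symbol is hit by exactly 8. Each base32 character carries 5 bits, so a 10-character code has 50 bits of entropy.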