Thread

  1. Re: [HACKERS] Re: Hashing passwords (was Updated TODO list)

    Mattias Kregert <matti@algonet.se> — 1999-07-12T11:33:03Z

    I found this at freshmeat.net:
    ------------------------------
    Secure Remote Password (SRP) is a password-based authentication and
       key exchange mechanism where no information about the password is
       leaked during the authentication process. It does not require any
    public
       key cryptography, yet even if one were to eavesdrop on the
       authentication process, no information which would aid in guessing
    the
       password can be obtained (in theory). There are some reworked Telnet
       and FTP clients and servers available already.
    http://srp.stanford.edu/srp/
    
    It stores encrypted passwords on the server (not simple XOR), sends
    different
    data over the wire every time, it's is impossible to listen on the wire
    and
    compute the password (even with the simplest passwords).
    
    see http://srp.stanford.edu/srp/design.html
    
    /* m */
    
    Gene Sokolov wrote:
    > 
    > I completely agree with Louis. It's not just the hacker: there is no need
    > for sysadmin to know passwords as well. I believe the security scheme where
    > sysadmin or anyone has to take action in order *not* to see passwords is
    > flawed.
    > 
    > I think the following solution would be satisfactory:
    > Store SHA(password) XOR SHA(mastervalue [+] uid). In case it's difficult to
    > alter the wire protocol, store password XOR SHA(mastervalue [+] uid). Either
    > way no one can get useful info without knowing the master value. Even simple
    > password XOR <mastervalue> would be helpful.
    > 
    > Gene Sokolov.
    > 
    > From: Louis Bertrand <louis@bertrandtech.on.ca>
    > > Why should anyone be able to read cleartext passwords, or even need to?
    > > People have a habit of reusing the same password for logins elsewhere.
    > > Hash the password as it's entered and compare hashes. This way, even if
    > > the password file (PostgreSQL's or the system's) is compromised, the
    > > attacker gains no extra information.
    > >
    > > > > From: Bruce Momjian <maillist@candle.pha.pa.us>
    > > > Yes, I remember now.  We keep them in clear, because we send random
    > > > salt-encrypted versions over the wire.  Only Postgresql can read this
    > > > table.