Re: [HACKERS] Solution to the pg_user passwd problem !?? (c)

ocie@paracel.com

From: ocie@paracel.com
To: maillist@candle.pha.pa.us (Bruce Momjian)
Cc: scrappy@hub.org, brett@work.chicken.org, jwieck@debis.com, Andreas.Zeugswetter@telecom.at, pgsql-hackers@hub.org
Date: 1998-02-19T23:25:56Z
Lists: pgsql-hackers
Bruce Momjian wrote:
> 
> > 
> > On Thu, 19 Feb 1998, Bruce Momjian wrote:
> > 
> > > > 
> > > > 
> > > > Have we considering using the unix crypt function for passwords?  That
> > > > way it wouldn't matter (as much) if people saw the password, and would
> > > > still be (somewhat less) secure.
> > > > 
> > > > On Thu, 19 February 1998, at 15:55:07, Jan Wieck wrote:
> > > 
> > > I don't know what the problem with using crypt was.  It may be because
> > > he passes a random salt to the user, and the user makes the password
> > > packet with the given salt and returns it to the backend.  If we use
> > > crypt, we have to send a plaintext password over the network, don't we?
> > 
> > 	But, aren't we doing that now? 
> 
> Yes, we are using crypt.  We are picking a random salt, using crypt to
> encrypt the cleartext password, then sending the salt to the frontend,
> and asking them to supply a password crypted with our requested salt.
> 
> Anyway to do this while storing encrypted passwords?

Standard salt is two characters, so an adversary might be able to
watch and record which salts produced which replies.  Even with a
single login, a brute force attack might still be able to get the
user's password.  A stronger challenge-response system might be more
secure.  It should be possible for the server to authenticate a user
without having to store the user's password.

Then again, this is all starting to sound like Kerberos, so if
Postgres had Kerberos authentication (which I think it does), then
this could be used for the ultra-high security authentication system.

Ocie Mitchell