* Greg Stark (gsstark@mit.edu) wrote:
> Stephen Frost <sfrost@snowman.net> writes:
> > I have some hopes that pointing out the rather large problem with the
> > md5 authentication mechanism in pg_hba.conf will lead them to discourage
> > it's use and thus reduce the occourances of the salt being made
> > available to the user giving more weight to the usefullness of having it
> > be a random salt. Additionally, it's been a few years, perhaps
> > viewpoints have changed.
>
> Salts are always given to the user, that's how they work. They're not secret.
You're confusing the issues I'm afraid. If you're using md5 to secure
your transport then yes, you must provide the salt to the user since the
same salt must be used on both sides. That's not the salt under
discussion, however; the salt I'm referring to is the one which is used
to make it difficult to brute-force the password from a copy of the
resultant hash. That salt is not given to anyone because no one else
needs it- only the server needs to know that salt so that it can add it
to the password to compare against the hash in the database.
> The issue pointed out back then was that lots of hosts would have usernames
> with the same name, namely "postgres". So a distributed attack would be able
> to use a dictionary attack if it were targeting just the "postgres" user on
> many hosts.
>
> That was deemed not a threat model worth worrying about. It's pretty unlikely
> someone would have access to the md5sums for many different hosts.
I'm worried about them having access to the md5sums for my host..
If they did and I used 'md5' in pg_hba.conf they wouldn't need to brute
force anything, they'd have all they needed to connect as the postgres
users on my database.
Stephen
