Re: md5 auth procotol - can it be replayed? - Mailing list pgsql-admin

From Stephen Frost
Subject Re: md5 auth procotol - can it be replayed?
Date
Msg-id 20160507155124.GP10850@tamriel.snowman.net
Whole thread Raw
In response to md5 auth procotol - can it be replayed?  (Nagy László Zsolt <gandalf@shopzeus.com>)
Responses Re: md5 auth procotol - can it be replayed?
List pgsql-admin
Greetings,

* Nagy László Zsolt (gandalf@shopzeus.com) wrote:
> How the md5 hashed authentication method works? Is it protected against
> replay attacks? Here is what I have in mind:
>
> * If the server stores salted hashed passwords, then I do not see how
> the server could authenticate the users without getting the password in
> clear text?

If you're interested in how these things can be addressed, you should
review the SCRAM protocol.

> * If the server stores (unsalted) password hash values, then basically
> there is almost no difference between a clear text password and an md5
> hash, because anyone can replay the send the same hash value and log in
> again.

If the hash was sent in the clear, then that would be true, but it
isn't.

> Am I missing something?

There is a challenge/response compoent, so the md5 hash which is stored
is not what is sent across the wire.  That prevents replay attacks when
the attacker is simply sniffing the network.  If the attacker is able to
acquire the as-stored hash then, yes, that can be used to authenticate.

Thanks!

Stephen

Attachment

pgsql-admin by date:

Previous
From: Nagy László Zsolt
Date:
Subject: md5 auth procotol - can it be replayed?
Next
From: Tom Lane
Date:
Subject: Re: md5 auth procotol - can it be replayed?