Postgres Pro
Downloads
Home   >   mailing lists

Re: You're on SecurityFocus.com for the cleartext passwords. - Mailing list pgsql-hackers

From Vince Vielhaber
Subject Re: You're on SecurityFocus.com for the cleartext passwords.
Date
Msg-id Pine.BSF.4.21.0005061133170.13987-100000@paprika.michvhf.com
Whole thread Raw
In response to Re: You're on SecurityFocus.com for the cleartext passwords.  (Bruce Momjian <pgman@candle.pha.pa.us>)
Responses Re: You're on SecurityFocus.com for the cleartext passwords.  (Bruce Momjian <pgman@candle.pha.pa.us>)
Re: You're on SecurityFocus.com for the cleartext passwords.  (Bruce Momjian <pgman@candle.pha.pa.us>)
List pgsql-hackers
Tree view 
On Sat, 6 May 2000, Bruce Momjian wrote:

> > We can do it with MD5.  Sverre has offered up a java version of it
> > that he wrote, I can convert it to C and make sure it at least runs
> > on FreeBSD, IRIX, DOS/Windows, and HPUX 8-10.  If it runs in unix then
> > it should also run in OS/2.  If we roll our own we should be safe.  I
> > can even include a simple test to make sure it works for all platforms
> > we support.
> 
> Yes, I seem to remember that was the issue.  If we only did crypting on
> the server, and allowed passwords to come cleartext from clients, then
> we only needed crypting on the server.  If we crypt in a one-way fashion
> on the client before coming to the server using a random salt, we have
> to do the other part of the crypting on the client too.
> 
> In other words, it is the one-way nature of the password crypt we used
> on the client that caused us to need the _exact_ same input string to
> go into that crypt on the client and server, so we would need the same
> crypt process in both places.
> 
> Now, let me ask another, better question:
> 
> Right now the password receives a random salt from the server, it uses
> that salt to crypt the password, then send that back for comparison with
> the clear-text password we store in the system.
> 
> What if we:
>     store the password in pg_shadow like a unix-style password with salt
>     pass the random salt and the salt from pg_shadow to the client
>     client crypts the password twice through the routine:
>         once using the pg_shadow salt
>         another time using the random salt
> 
> and passes that back to the server.  The server can use the pg_shadow
> copy of the password, use the random salt make a new version, and
> compare the result.
> 
> This has the huge advantage of not requiring any new crypting methods on
> the client.  It only requires the crypt to happen twice using two
> different salts.
> 
> Sounds like a winner.  Comments?

Overlycomplicated?

What was your objection to MD5 again?

Vince.
-- 
==========================================================================
Vince Vielhaber -- KA8CSH    email: vev@michvhf.com    http://www.pop4.net128K ISDN from $22.00/mo - 56K Dialup from
$16.00/moat Pop4 Networking       Online Campground Directory    http://www.camping-usa.com      Online Giftshop
Superstore   http://www.cloudninegifts.com
 
==========================================================================

pgsql-hackers by date:

Previous
From: Bruce Momjian
Date:
Subject: Re: You're on SecurityFocus.com for the cleartext passwords.
Next
From: Bruce Momjian
Date:
Subject: Re: You're on SecurityFocus.com for the cleartext passwords.