On 080110 at 17:20, Alexander Mueller wrote:
> > Additionally, offline dictionary attacks tend to be easy when
> > dealing with passwords.
> Brute force always works. Here the salt should help.

The salt prevents attacks via rainbow tables. But passwords tend to be weak, allowing individual dict-attacks for a specific salt. This ratio gets even worse over time. It is pretty difficult to remember 20 passwords that are secure against brute force even today. It will be more difficult next year. Using PBKDF in your scheme would mitigate this problem...a little.

> > With secure web authentication (hopefully) coming soon, I think
> > this hash-field is a bad idea.
> Could you elaborate why it should be a bad idea?

Adding mechanisms always adds complexity, not only in terms of code but also in terms of things the admin should consider to set up a secure system. So the added complexity should be worth something.

I missed the bit on the 'replay salt'. With this, your idea looks like a pretty good mitigation for plaintext login insecurity.

I guess my main point is that SRP or similar mechanisms are (hopefully) coming. They will not only offer higher password protection but are also resistant against MITM, without needing a certificate. I hope this will make SSL much more prominent even for low-security sites.

SRP can also be used as a http-auth mechanism, but then it provides only limited security, as it could be used with limited SSL security or no SSL at all. Same for your scheme: It protects the password, but as an attacker I don't even need that if I can break the SSL protection or if SSL is not even used. I prefer solutions that solve as many aspects of the problem as possible.

> > PW-logins should either be dropped
> > altogether (hello, Nelson :)) or mechanisms like SRP should be
> > employed to enhance their security.
> Well, I don't think it is realistic that password based logins will
> disappear that soon.

Me neither. Lacking software support should be one problem. Unless I'm wrong, Mozilla protects saved logins with a master-password, only. No PK crypto. So I buy a token for $120 and can't protect legacy systems with it.
:-(

/steffen

_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
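
The salt, dictionary and PBKDF points from the message above, as an added example that is not part of the original thread: a small password-audit sketch comparing a single salted SHA-256 with PBKDF2 over the same salt. The wordlist, salts, sample password and iteration count are constructed assumptions, and the dictionary-based table is only a stand-in for a rainbow table.

```python
import hashlib
import hmac
import time

WORDLIST = ["123456", "password", "letmein", "mozilla"]  # constructed sample

def salted_hash(password, salt):
    """One salted SHA-256: fast to verify, equally fast to guess against."""
    return hashlib.sha256(salt + password.encode()).digest()

def stretched_hash(password, salt, iterations=100_000):
    """PBKDF2-HMAC-SHA256: every guess costs `iterations` HMAC rounds."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)

def precomputed_table(words):
    """Stand-in for a rainbow table: unsalted digests built once, reused everywhere."""
    return {hashlib.sha256(w.encode()).digest(): w for w in words}

def audit(stored, salt, derive, words):
    """Per-salt dictionary check. Returns (weak password or None, guesses made)."""
    for guesses, word in enumerate(words, 1):
        if hmac.compare_digest(derive(word, salt), stored):
            return word, guesses
    return None, len(words)

if __name__ == "__main__":
    salt = bytes(range(16))  # constructed; real salts are random per user
    table = precomputed_table(WORDLIST)
    for name, derive in (("salted SHA-256", salted_hash), ("PBKDF2", stretched_hash)):
        stored = derive("letmein", salt)
        start = time.perf_counter()
        found, guesses = audit(stored, salt, derive, WORDLIST)
        elapsed = time.perf_counter() - start
        print(f"{name}: table hit={stored in table}, audit found={found!r} "
              f"after {guesses} guesses in {elapsed:.4f}s")
```

In both cases the precomputed table misses and the per-salt audit still finds the weak password; only the time per guess changes, which is the "a little" in the message.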