http://archives.postgresql.org/pgsql-hackers/2001-06/msg00511.php
http://archives.postgresql.org/pgsql-hackers/2001-06/msg00952.php
http://archives.postgresql.org/pgsql-general/2002-06/msg00484.php
My problem is this: we have ODBC users working from home, so they cannot use SSL unless we buy the commercial drivers. We decided that encrypting the data is not required, but we do need to strictly protect access to our database.
With the current MD5 authentication, an eavesdropper can obtain the random salt and matching MD5 response. When enough logins are eavesdropped on, it becomes feasible for the eavesdropper to connect to the server until a salt is offered for which it knows the valid MD5 response.
To prevent this attack, the salt should be communicated using a Diffie-Hellman key exchange. This way, the salt will be known by the server and the client, but not by an eavesdropper. See http://www.rsasecurity.com/rsalabs/node.asp?id=2248
I realize this would require changes on both the client and server side, but it would up the security of the authentication mechanism one notch.
Please Cc me in any replies, since I am not on this list.
-- Richard van den Berg, CISSP
Trust Factory B.V.     | http://www.trust-factory.com/
Bazarstraat 44a        | Phone: +31 70 3620684
NL-2518AK The Hague    | Fax  : +31 70 3603009
The Netherlands        |
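
The exchange proposed in the message above, as an added example (not code from the post or from PostgreSQL): client and server each derive the salt from a Diffie-Hellman shared secret, so only the two public values and the MD5 response cross the wire. The toy group (2**521 - 1 with generator 3), the SHA-256 salt derivation and every function name are assumptions made for illustration; unauthenticated Diffie-Hellman only addresses a passive eavesdropper.

```python
import hashlib
import hmac
import secrets

# Assumed toy group: 2**521 - 1 is prime, but it is not a vetted DH group.
P = 2**521 - 1
G = 3

def dh_keypair(priv=None):
    """Return (private exponent, public value G^priv mod P)."""
    priv = priv or secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def derive_salt(own_priv, peer_pub):
    """Both sides call this; the salt itself is never transmitted."""
    if not 1 < peer_pub < P - 1:          # reject values that force a known secret
        raise ValueError("degenerate public value")
    shared = pow(peer_pub, own_priv, P)
    # 4 bytes, the size of the salt in PostgreSQL's md5 method
    return hashlib.sha256(shared.to_bytes(66, "big")).digest()[:4]

def stored_verifier(user, password):
    """What the server keeps: md5(password || username) as hex."""
    return hashlib.md5((password + user).encode()).hexdigest()

def md5_response(user, password, salt):
    """Client side: 'md5' + md5(verifier || salt), as in PostgreSQL md5 auth."""
    inner = stored_verifier(user, password).encode()
    return "md5" + hashlib.md5(inner + salt).hexdigest()

def server_verify(verifier_hex, salt, response):
    expected = "md5" + hashlib.md5(verifier_hex.encode() + salt).hexdigest()
    return hmac.compare_digest(expected, response)

def demo():
    # Constructed sample credentials
    user, password = "alice", "s3cret"
    c_priv, c_pub = dh_keypair()          # client -> server: c_pub
    s_priv, s_pub = dh_keypair()          # server -> client: s_pub
    response = md5_response(user, password, derive_salt(c_priv, s_pub))
    # An eavesdropper holds (c_pub, s_pub, response) but not the salt,
    # so a captured response cannot be matched to a later salt offer.
    return server_verify(stored_verifier(user, password),
                         derive_salt(s_priv, c_pub), response)

if __name__ == "__main__":
    print("login accepted:", demo())
```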