Re: [HACKERS] Re: Hashing passwords (was Updated TODO list)
| From | Mattias Kregert |
|---|---|
| Subject | Re: [HACKERS] Re: Hashing passwords (was Updated TODO list) |
| Date | |
| Msg-id | 3789D26F.FE15EBD1@algonet.se |
| In reply to | Re: [HACKERS] Re: Hashing passwords (was Updated TODO list) (Louis Bertrand <louis@bertrandtech.on.ca>) |
| List | pgsql-hackers |
I found this at freshmeat.net:

------------------------------
Secure Remote Password (SRP) is a password-based authentication and key
exchange mechanism where no information about the password is leaked
during the authentication process. It does not require any public key
cryptography, yet even if one were to eavesdrop on the authentication
process, no information which would aid in guessing the password can be
obtained (in theory). There are some reworked Telnet and FTP clients and
servers available already.
http://srp.stanford.edu/srp/

It stores encrypted passwords on the server (not simple XOR), sends
different data over the wire every time, and it is impossible to listen
on the wire and compute the password (even with the simplest passwords).

See http://srp.stanford.edu/srp/design.html

/* m */

Gene Sokolov wrote:
>
> I completely agree with Louis. It's not just the hacker: there is no need
> for sysadmin to know passwords as well. I believe the security scheme where
> sysadmin or anyone has to take action in order *not* to see passwords is
> flawed.
>
> I think the following solution would be satisfactory:
> Store SHA(password) XOR SHA(mastervalue [+] uid). In case it's difficult to
> alter the wire protocol, store password XOR SHA(mastervalue [+] uid). Either
> way no one can get useful info without knowing the master value. Even simple
> password XOR <mastervalue> would be helpful.
>
> Gene Sokolov.
>
> From: Louis Bertrand <louis@bertrandtech.on.ca>
> > Why should anyone be able to read cleartext passwords, or even need to?
> > People have a habit of reusing the same password for logins elsewhere.
> > Hash the password as it's entered and compare hashes. This way, even if
> > the password file (PostgreSQL's or the system's) is compromised, the
> > attacker gains no extra information.
> >
> >
> > From: Bruce Momjian <maillist@candle.pha.pa.us>
> > > Yes, I remember now. We keep them in clear, because we send random
> > > salt-encrypted versions over the wire. Only Postgresql can read this
> > > table.
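The properties Mattias lists (the server stores only a password-derived verifier, every exchange puts fresh values on the wire, and a wrong password fails without revealing anything) are easiest to see in a full client/server run of the protocol. The following is an added example written for this page; it is not code from the original post, from the SRP project or from PostgreSQL. It assumes the later SRP-6a variant with the RFC 5054 1024-bit group (the 1999 post predates SRP-6a, but the structure is the same family), SHA-256 as the hash, and the simple M1 proof-of-key; `enroll`, `authenticate` and the `db` dict are names chosen here, not an API from either project.

```python
"""SRP-6a password-authenticated key exchange, both sides in one process.

Added example, not from the original post, the SRP project or PostgreSQL.
Assumptions: SRP-6a (RFC 5054 1024-bit group, g = 2), SHA-256 as H,
and M1 = H(A, B, K) as the client's proof of the session key.
"""
import hashlib
import secrets

# RFC 5054 Appendix A, 1024-bit group (assumed parameters for this example).
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8  # 128 bytes; integers are padded to this


def pad(x):
    return x.to_bytes(NLEN, "big")


def Hb(*parts):
    return hashlib.sha256(b"".join(parts)).digest()


def H(*parts):
    return int.from_bytes(Hb(*parts), "big")


k = H(pad(N), pad(g))  # SRP-6a multiplier, fixed by the group


def private_x(salt, username, password):
    # x = H(salt | H(username ":" password)); only the client ever computes it
    return H(salt, Hb(username + b":" + password))


def enroll(username, password):
    """Server-side record: random salt and verifier v = g^x mod N.
    The password itself is never stored; recovering it from v means
    solving a discrete log or running an offline guess against the salt."""
    salt = secrets.token_bytes(16)
    v = pow(g, private_x(salt, username, password), N)
    return salt, v


def authenticate(db, username, password):
    """One complete exchange. Returns the on-wire values plus what each side
    derived, so the caller can see that they agree only for the right password."""
    # client -> server: username, A = g^a (fresh random a each time)
    a = secrets.randbelow(N - 2) + 1
    A = pow(g, a, N)

    # server -> client: salt, B = k*v + g^b (fresh random b each time)
    salt, v = db[username]
    if A % N == 0:
        raise ValueError("client sent A = 0 mod N")   # RFC 5054 abort rule
    b = secrets.randbelow(N - 2) + 1
    B = (k * v + pow(g, b, N)) % N
    if B % N == 0:
        raise ValueError("server produced B = 0 mod N")  # RFC 5054 abort rule
    u = H(pad(A), pad(B))  # scrambling parameter, same on both sides

    # client: S = (B - k*g^x)^(a + u*x); uses the password via x only locally
    x = private_x(salt, username, password)
    S_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    K_client = Hb(pad(S_client))
    M1 = Hb(pad(A), pad(B), K_client)  # client -> server: proof of K

    # server: S = (A * v^u)^b; uses the verifier only, never the password
    S_server = pow((A * pow(v, u, N)) % N, b, N)
    K_server = Hb(pad(S_server))
    accepted = secrets.compare_digest(M1, Hb(pad(A), pad(B), K_server))

    return {"A": A, "B": B, "M1": M1,
            "client_key": K_client, "server_key": K_server,
            "accepted": accepted}


if __name__ == "__main__":
    db = {b"alice": enroll(b"alice", b"correct horse battery")}
    ok = authenticate(db, b"alice", b"correct horse battery")
    bad = authenticate(db, b"alice", b"wrong password")
    print("right password accepted:", ok["accepted"])
    print("wrong password accepted:", bad["accepted"])
```

An eavesdropper sees A, B, the salt and M1; A and B are fresh random group elements every run, and M1 is a hash of a key they cannot compute without a or b. A stolen `db` gives the attacker v and the salt, which supports an offline dictionary attack but not impersonation of the client, which is the difference from the plaintext table the quoted thread is discussing.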