Re: md5 again
| From | Vince Vielhaber |
|---|---|
| Subject | Re: md5 again |
| Date | |
| Msg-id | Pine.BSF.4.21.0007111315140.97059-100000@paprika.michvhf.com |
| In reply to | Re: md5 again (Tom Lane <tgl@sss.pgh.pa.us>) |
| Replies | Re: md5 again |
| List | pgsql-hackers |
On Tue, 11 Jul 2000, Tom Lane wrote:

> Vince Vielhaber <vev@michvhf.com> writes:
> > Simple dictionary passwords. Run them thru a script and compare the
> > output.
>
> I was under the impression we'd prevented that by use of a random salt
> chosen on-the-fly for each login attempt ... have to go reread the
> thread to be sure though.

When I went back and reread the thread, it was PG sending the random
salt. The username, password and random salt were hashed and sent
back. Therefore the username and random salt have both been on the
wire in the clear.

> In any case, if your threat model is a dictionary attack, what's to
> stop the attacker from using a dictionary of likely usernames as well?
> I still don't see much security gain from hashing the username.

dictionary of likely usernames: tgl, vev, buzz, wood_tick, ...

Now that'd be a dictionary! If only the random salt were on the wire,
the attacker would need to guess both the username and the password.

Vince.

--
==========================================================================
Vince Vielhaber -- KA8CSH    email: vev@michvhf.com    http://www.pop4.net
 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking
        Online Campground Directory    http://www.camping-usa.com
       Online Giftshop Superstore    http://www.cloudninegifts.com
==========================================================================
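The exchange Vince describes, and the two attacks being compared (username seen on the wire versus username kept off the wire), as an added Python model. This is not PostgreSQL code and not code from anyone in the thread; the concatenation order `username || password || salt` and the 4-byte salt are assumptions made here for illustration, since the message only says the three values are hashed together. The dictionaries are constructed sample input.

```python
"""Model of the salt challenge/response described in the thread and the
passive dictionary attack against it.  Added illustration only; the exact
hash input used by PostgreSQL at the time is NOT taken from the message,
username + password + salt is an assumed order."""
import hashlib
import secrets
from itertools import product
from typing import Iterable, Optional, Tuple


def server_challenge() -> str:
    """Server side: a fresh random salt per login attempt, sent in the clear.
    Salt length (4 bytes) is an assumption for the model."""
    return secrets.token_hex(4)


def client_response(username: str, password: str, salt: str) -> str:
    """Client side: one hash over username, password and the server's salt,
    sent back to the server.  The order is assumed, see module docstring."""
    data = (username + password + salt).encode()
    return hashlib.md5(data).hexdigest()


def dictionary_attack(username: str, salt: str, response: str,
                      passwords: Iterable[str]) -> Optional[str]:
    """Passive attacker who captured username, salt and response from the
    wire: the salt does not help, it costs one MD5 per candidate password."""
    for pw in passwords:
        if client_response(username, pw, salt) == response:
            return pw
    return None


def dictionary_attack_blind(salt: str, response: str,
                            usernames: Iterable[str],
                            passwords: Iterable[str]
                            ) -> Tuple[Optional[Tuple[str, str]], int]:
    """Vince's proposed situation: only salt and response were on the wire,
    so the attacker must guess username and password jointly.  Returns the
    (username, password) pair found, or None, and the number of hashes done;
    the work is |usernames| x |passwords| rather than |passwords|."""
    tries = 0
    for user, pw in product(usernames, passwords):
        tries += 1
        if client_response(user, pw, salt) == response:
            return (user, pw), tries
    return None, tries


if __name__ == "__main__":
    # Constructed sample: a weak password and small dictionaries.
    salt = server_challenge()
    captured = client_response("vev", "hunter2", salt)
    pw_dict = ["password", "letmein", "hunter2", "secret"]
    user_dict = ["tgl", "vev", "buzz", "wood_tick"]

    print("username on the wire:", dictionary_attack("vev", salt, captured, pw_dict))
    print("username hidden:    ", dictionary_attack_blind(salt, captured, user_dict, pw_dict))
```

The salt only stops precomputation (a table built before the capture is useless); it does nothing against a dictionary run after the capture, which is the point of the first reply in the quoted exchange. Hiding the username multiplies the attacker's work by the size of a username dictionary, which, as Tom Lane notes, is usually small.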