Hey Craig,
Thanks for the reply.  I guess I should have been more clear.  I agree that
channel encryption is important, however, my question is about the security
protocol, not about the channel.

I guess I'm somewhat confused about two commonly used terms - salt and
nonce.  What you refer to as "random salt" I've always thought of as a nonce
("number used once").  To me, the term salt has always represented a
randomly generated, but persisted set of bytes that are used to make
dictionary attacks impractical.  Using my definition of salt, here is my
question in a little more detail.

Let's say the user creates a password P and the system creates a salt S and
hashes the password and the salt creating a userkey K.  The system then
stores the username U, the userkey K, and the salt S.  Then, for
authentication:

1. If the client sends username U
U

2. The server creates a nonce N with a short TTL and sends it and the salt S
N, S

3. The client applies hash h to the user's password P, and the salt using
the PasswordDeriveBytes class, and then hashes this with the nonce
h(h(P + S), N)

4. If the nonce's TTL has not expired when the client submits its response,
the server then uses the same function to verify that
h(K, N)
matches whatever the client sent (where K = userkey as defined above).

My question is about step 1 and 2.  Is this how the salt is supposed to be
managed?

Cheers,
Ed
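
The four-step exchange described in the message above, as an added example that is not part of the original post. It assumes PBKDF2-HMAC-SHA256 in place of PasswordDeriveBytes for h(P + S), HMAC-SHA256 for h(K, N), a 30-second nonce TTL, and a caller-supplied clock; the class and function names are hypothetical.

```python
import hashlib, hmac, os
ITERATIONS = 100_000  # assumed work factor for the password hash
NONCE_TTL = 30.0      # assumed nonce lifetime in seconds

def derive_userkey(password, salt):
    # K = h(P + S); PBKDF2 stands in for PasswordDeriveBytes (assumption)
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def respond(userkey, nonce):
    # h(K, N), computed as HMAC-SHA256 keyed with K (assumption)
    return hmac.new(userkey, nonce, hashlib.sha256).digest()

def client_response(password, nonce, salt):
    # Step 3: the client computes h(h(P + S), N)
    return respond(derive_userkey(password, salt), nonce)

class Server:
    def __init__(self):
        self.users = {}    # U -> (S, K), persisted at registration
        self.pending = {}  # U -> (N, expiry), one outstanding nonce per user

    def register(self, username, password):
        salt = os.urandom(16)
        self.users[username] = (salt, derive_userkey(password, salt))

    def challenge(self, username, now):
        # Steps 1-2: receive U, reply with a fresh N and the stored S
        salt = self.users[username][0]  # unknown U raises KeyError
        nonce = os.urandom(16)
        self.pending[username] = (nonce, now + NONCE_TTL)
        return nonce, salt

    def verify(self, username, response, now):
        # Step 4: nonce is consumed on first use and rejected after its TTL
        nonce, expiry = self.pending.pop(username, (None, 0.0))
        if nonce is None or now > expiry:
            return False
        return hmac.compare_digest(respond(self.users[username][1], nonce), response)

def demo():
    srv = Server()
    srv.register("ed", "correct horse")  # constructed credentials
    n, s = srv.challenge("ed", now=0.0)
    resp = client_response("correct horse", n, s)
    good, replay = srv.verify("ed", resp, 1.0), srv.verify("ed", resp, 2.0)
    n, s = srv.challenge("ed", now=10.0)
    wrong = srv.verify("ed", client_response("guess", n, s), 11.0)
    n, s = srv.challenge("ed", now=20.0)
    late = srv.verify("ed", client_response("correct horse", n, s), 20.0 + NONCE_TTL + 1)
    return good, replay, wrong, late
```

Because the server checks the response against h(K, N), the stored K alone is enough to compute a valid response, so the user table needs the same protection as the passwords themselves.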
