On Sun, Jan 27, 2013 at 6:34 PM, Nicolás Alvarez
<[email protected]> wrote:
> 2013/1/27, Jeffrey Walton <[email protected]>:
>> Hi All,
>>
>> Is it possible to disable use of MD5? (I checked configure, and there
>> does not appear to be a switch).
>>
>> MD5 is completely broken, and has no cryptographic value. Yet it
>> appears to be used in cryptographic routines.
>
> That can't possibly be done.
Ouch!
> The client sends MD5 password hashes to
> the server, for example.
OK, so I'm clear. What precisely is sent?
I'm interested in knowing because this presents significant risk to an
organization hosting a Boinc server.
> If you disable MD5 when compiling the client,
> what do you expect it to do?
Use something else, such as SHA or Whirlpool (hashes); or use Secure
Remote Password (SRP).
Thomas Wu's SRP is the cat's meow. It's a PAKE, or Password
Authenticated Key Exchange. With lots of hand waving, it's
Diffie-Hellman using the password, verifier, and random per-session
variables. Put another way, it is:
g^(password + verifier + random)
rather than:
g^ab
It's also non-anonymous since both parties either know (1) the
password; or (2) the verifier. And it does not confer trust, like
PKI{X}, which is a very good thing.
> Send passwords in plaintext?
Well, you kind of are if you are using MD5. Unsalted MD5 FTW?
> "attach to project" feature? Use a different hash algorithm, which no
> BOINC server would accept?
Oh my. So there is no fallback?
Getting SRP into Boinc should be a priority at this point.
Jeff
_______________________________________________
boinc_dev mailing list
[email protected]
http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev
To unsubscribe, visit the above URL and
(near bottom of page) enter your email address.
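The exchange Jeff is describing (client proves knowledge of the password to a server that holds only a verifier, and both sides end up with a shared session key) looks like this in SRP-6a. This is an added illustration, not BOINC code and not part of the original thread. It assumes the 1024-bit group from RFC 5054 Appendix A (transcribed here, so check it against the RFC before relying on it), SHA-256 in place of the original SHA-1, and a simplified client proof M1 = H(A, B, K) rather than the full RFC 2945 form; names such as `register`, `Client`, `Server`, `login` and `demo` are my own.

```python
import hashlib
import hmac
import secrets

# 1024-bit group from RFC 5054, Appendix A (transcribed here; check it against the
# RFC before relying on it). The arithmetic below works for any (N, g), but the
# security argument requires N to be a safe prime and g a generator mod N.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3",
    16,
)
g = 2
NLEN = (N.bit_length() + 7) // 8


def pad(n: int) -> bytes:
    """Big-endian encoding of n, left-padded to the byte length of N."""
    return n.to_bytes(NLEN, "big")


def H(*parts: bytes) -> int:
    """SHA-256 of the concatenated parts, read as an integer (SHA-256 stands in for SHA-1)."""
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


k = H(pad(N), pad(g))  # SRP-6a multiplier parameter


def private_x(salt: bytes, username: bytes, password: bytes) -> int:
    """x = H(s | H(I ':' P)) as in RFC 2945. Only the client ever computes this."""
    return H(salt, hashlib.sha256(username + b":" + password).digest())


def register(username: bytes, password: bytes):
    """Enrollment: the server stores (salt, v = g^x mod N). v is not a password-equivalent,
    so a stolen database still does not let an attacker log in as the user."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_x(salt, username, password), N)


class Client:
    def __init__(self, username: bytes, password: bytes):
        self.I, self.P = username, password

    def hello(self):
        """Message 1 (client -> server): I, A = g^a. Nothing derived from the password is sent."""
        self.a = secrets.randbits(256)
        self.A = pow(g, self.a, N)
        return self.I, self.A

    def proof(self, salt: bytes, B: int) -> bytes:
        """Message 3 (client -> server): derive K and send M1 = H(A, B, K) (simplified form)."""
        if B % N == 0:
            raise ValueError("rejecting degenerate B")  # an attacker could force S = 0
        u = H(pad(self.A), pad(B))
        x = private_x(salt, self.I, self.P)
        S = pow((B - k * pow(g, x, N)) % N, self.a + u * x, N)  # = g^(b(a+ux))
        self.K = hashlib.sha256(pad(S)).digest()
        return hashlib.sha256(pad(self.A) + pad(B) + self.K).digest()


class Server:
    def __init__(self, db):
        self.db = db  # username -> (salt, v); the server never holds a password or its hash

    def challenge(self, username: bytes, A: int):
        """Message 2 (server -> client): s, B = k*v + g^b. The server's key is fixed here too."""
        if A % N == 0:
            raise ValueError("rejecting degenerate A")  # same trick from the client side
        salt, v = self.db[username]
        b = secrets.randbits(256)
        B = (k * v + pow(g, b, N)) % N
        u = H(pad(A), pad(B))
        S = pow(A * pow(v, u, N), b, N)  # = (g^a * g^(xu))^b = g^(b(a+ux))
        self.K = hashlib.sha256(pad(S)).digest()
        self.expected_M1 = hashlib.sha256(pad(A) + pad(B) + self.K).digest()
        return salt, B

    def verify(self, M1: bytes) -> bool:
        """Constant-time check of the client's proof; a wrong password gives a different K."""
        return hmac.compare_digest(M1, self.expected_M1)


def login(server: Server, client: Client) -> bool:
    """Run the three messages; True only if the server accepts the client's proof."""
    I, A = client.hello()
    salt, B = server.challenge(I, A)
    return server.verify(client.proof(salt, B))


def demo():
    """Constructed sample: one enrolled user, one correct and one wrong login attempt."""
    db = {b"alice": register(b"alice", b"correct horse battery staple")}
    good = login(Server(db), Client(b"alice", b"correct horse battery staple"))
    bad = login(Server(db), Client(b"alice", b"Tr0ub4dor&3"))
    return good, bad
```

The point of contrast with sending an MD5 of the password: here the only values on the wire are A, the salt, B and M1, none of which can be replayed or used to recover the password offline without also solving a discrete-log problem in the group, and the server-side secret v is not itself a login credential. A production implementation would use the full RFC 2945 proofs (M1 including H(N) xor H(g), H(I) and s, plus a server proof M2 so the client also authenticates the server), and a 2048-bit or larger group.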