Matt Pavlovich writes:
What the hell good is this? What service in their right mind would
store clear text passwords?
Try every bank in the world, with the password being your credit card
number.
What moron at MS thought this up? Why not
RFC 2104: two people from IBM, and a third guy from UCSD.
challenge/response based on the SHA1 hash of the pass vs the clear text
password?
Do any commercial mail systems store clear text passwords in order to
support this?
Matt Pavlovich
On Wed, 2003-02-19 at 15:39, Brian Candler wrote:
On Wed, Feb 19, 2003 at 02:57:19PM -0600, Matt Pavlovich wrote:
> Does the CRAM-SHA1 process hand a string that the mail server can
> eventually extract a 'normal' SHA1 hash out of?
>
> If so, then it would be trivial to support SHA1 hash compares if the
> password hash is stored as SHA1 in the directory server. Storing clear
> text passwords sucks, legal departments and mgmt frown on it..
No, it's a fundamental laws-of-the-universe thing from the irreversibility
of hashes.
When a user authenticates to a server, either:
(1) The user sends the password in cleartext over the wire
The server can keep a hash of the password
OR
(2) The user sends a hash derived from the password over the wire
The server needs to have the the cleartext password [or something
equivalent*] to validate it
Case (1) is normal logins (AUTH LOGIN or PLAIN and normal Unix shadow
files); case (2) is the CRAM-MD5's and CRAM-SHA1's of this world.
If you want to have your cake and eat it, the best you can do is to take
case (1), but encrypt the entire session. In other words the user sends
their cleartext password to the server, but it is protected against
eavesdropping by TLS.
[*] "Something equivalent" to a cleartext password means that it might not
actually be the sequence of letters which the user types, but knowledge of
this value is sufficient to authenticate yourself.
Windows NT domain authentication falls into this category. A hash of your
password text is stored on the server, and it is challenge-response
authentication. However, to participate in this mechanism, all you actually
need is the hash of the password text, you don't need to know what the
person's original password was. Hence if you break into the server and steal
this hash value, you can use it to gain access: this hash value is a
"plaintext password" in its own right.
Regards,
Brian.
--
Matt Pavlovich <[EMAIL PROTECTED]>
Allegiance Telecom, Inc.
-------------------------------------------------------
This SF.net email is sponsored by: SlickEdit Inc. Develop an edge.
The most comprehensive and flexible code editor you can use.
Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial.
www.slickedit.com/sourceforge
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
-------------------------------------------------------
This SF.net email is sponsored by: SlickEdit Inc. Develop an edge.
The most comprehensive and flexible code editor you can use.
Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial.
www.slickedit.com/sourceforge
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
