On 19/11/12 18:19 PM, Jeffrey Walton wrote:
An Adobe break in does not surprise me.
Has anyone come across a paper on how to migrate an existing database
with, for example, unsalted MD5 hashes, to something more appropriate
for 2012? Naively, I don't see why MD5(password) cannot be an input to
an improved system. That is, MD5(password) is just a pre-processing
step to a system built with cryptographic legos.
I'm trying to figure out why folks like Adobe (who know better and
have the resources) are still using unsalted MD5. I suspect the answer
has something to do with "its cost effective to be grossly negligent,"
but I want to give offenders the benefit of the doubt.
Part of the issue is that in the world today, they aren't grossly
negligent. This has specific meanings, which are found in court. Until
a court case comes that finds such an act as grossly negligent, then
they aren't.
Which then speaks to the incentives. The corporations have internalised
the benefits of the model, and externalised the risks. Punters have to
take the costs of the risk of failure, so everyone on the supply side is
happy. Until a corporation has some skin in the risk game, they aren't
going to do more than punt all the risk to the consumer.
In which case, spending more when MD5 does a fine job is pointless;
even if it breaks there is less point in spending money. At the moment,
when a breach happens, companies are responsible for the direct internal
losses, short term reputation hit, and maybe the cost of a breach
notification service (which latter is either a bad joke that customers
don't understand or an insult).
What's worse perhaps is that the first response of companies is to
bolster their defences with "best practices." This works well in court.
"We do what NIST said" and we're done and dusted. But as we know the
risks are far too complicated for some dry government inspired committee
to navigate.
We end up with a world in which there are companies that do real
security and risk work, and those that do "best practices." The latter
group is far larger, far louder, and unfortunately often more
cost-effective.
So, this incentives view will clearly change when a wave of class-action
suits declare companies grossly negligent (or some other legal theory).
And, they have to pay for it through external forces. We are starting
to see that now, with the first rulings coming out that find the banks &
suppliers responsible. But it is slow work - the legal cycle is at
least as slow as the cycle for systemic security improvements.
iang
Jeff
http://www.h-online.com/security/news/item/Adobe-confirms-customer-data-breach-Update-1750344.html
...
Update 15-11-12 14:55: According to security firm Sophos, the
passwords were stored as unsalted MD5 hashes, which can easily be
cracked quickly using modern CPU and GPU hardware. If the database
extract turns out to be genuine, Adobe should have invested a little
more effort in protecting the passwords of its users.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
