Jonathan Vanasco wrote:
>> But there is a big security hole there if you skip the trip to the server
>> (whether or not you use mod_auth_tkt). In order for the Flash code or JS code to
>> create a ticket using a shared secret that secret needs to be downloaded to the
>> client. Now you might be relying on Flash's binary format to protect said
>> secret, but I wouldn't. Sending a user/pw combo on an insecure connection is not
>> as bad as sending your shared secret out into the open on the same insecure
>> connection. The first compromises that user's account. The second compromises
>> every user's account.
>
> Right, but this module doesn't do that. This module uses the CRAM-MD5
> style of authentication - like SMTP servers use
>
> client: Hey I want to log in!
> server: Here's a Challenge: $time . $seed . digest($time . $seed . $site_secret)
> client: Here is my username and a hash that is Digest(password, server_challenge)
> server: I looked up your username in the db, and the password is
> 'abc'. If I hash the stored password with the server_challenge I
> sent you, I get the hash you sent me. I will log you in now.
>
> things to note though:
> i. if you store plaintext passwords on the server (BAD!) the client sends
>    digest( password . server_challenge)
> ii. if you store hashed passwords on the server (GOOD!) the client sends
>    digest( digest(password) . server_challenge)

The conceptual problem with this approach is that the digest(password)
effectively becomes the user's password. If you steal digest(password), you can
impersonate the user, without ever knowing password. So, somebody stealing a
dump of your user database can still impersonate all your users.

> iii. this module creates a self-validating challenge, so that you
> don't have to store the challenge on the server - so you send the
> challenge back to the server

Then a malicious attacker that stole a bunch of digest(password) can
pre-calculate a single 'challenge' and pre-generate a single
challenge/digest(digest(password) . challenge) pair per account he/she stole.
Then he/she can use them to login straight at the 3rd step of the
authentication process with very little work on his/her side.

For a good example of how to avoid some of these pitfalls, check digest
authentication.

http://en.wikipedia.org/wiki/Digest_access_authentication

--
Philippe M. Chiasson GPG: F9BFE0C2480E7680 1AE53631CB32A107 88C3A5A5
http://gozer.ectoplasm.org/ m/gozer\@(apache|cpan|ectoplasm)\.org/
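
The scheme discussed in this thread, written out from the server's side as an added example (it is not code from the thread or from the module under discussion). It shows why the stored digest(password) has to be protected like a password and what it takes to stop a challenge/response pair from being accepted twice. Assumptions: SHA-256 as the digest, a ':' separator, the `MAX_AGE` lifetime, the `used` set, and all function names.

```python
import hashlib
import hmac

SITE_SECRET = "constructed-site-secret"  # constructed sample value
MAX_AGE = 300  # assumed challenge lifetime in seconds (not stated in the thread)


def digest(*parts):
    """digest(a . b . c) as written in the thread; SHA-256 is an assumption."""
    return hashlib.sha256("".join(parts).encode()).hexdigest()


def make_challenge(now, seed):
    """$time . $seed . digest($time . $seed . $site_secret); ':' is assumed."""
    return f"{now}:{seed}:{digest(str(now), seed, SITE_SECRET)}"


def challenge_ok(challenge, now, used):
    """Self-validating check plus an age limit and a single-use check."""
    try:
        ts, seed, mac = challenge.split(":")
        issued = int(ts)
    except ValueError:
        return False
    expected = digest(ts, seed, SITE_SECRET)
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return False  # not issued by this server
    if not 0 <= now - issued <= MAX_AGE:
        return False  # stale: bounds how long a captured pair stays useful
    return challenge not in used  # single use costs server state until expiry


def server_verify(stored, challenge, response, now, used):
    """stored is digest(password), variant ii in the thread."""
    if not challenge_ok(challenge, now, used):
        return False
    expected = digest(stored, challenge)
    ok = hmac.compare_digest(response.encode(), expected.encode())
    if ok:
        used.add(challenge)
    return ok


def demo():
    used, t0 = set(), 1_000_000
    stored = digest("constructed-password")  # what the user table holds
    ch = make_challenge(t0, "seed1")
    resp = digest(stored, ch)  # depends on `stored` only: a password equivalent
    first = server_verify(stored, ch, resp, t0 + 10, used)
    replay = server_verify(stored, ch, resp, t0 + 20, used)
    ch2 = make_challenge(t0, "seed2")
    stale = server_verify(stored, ch2, digest(stored, ch2), t0 + MAX_AGE + 1, used)
    return first, replay, stale
```

The single-use check reintroduces the server-side state that the self-validating challenge was meant to avoid, though only for `MAX_AGE` seconds per challenge.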