Nathaniel Smith wrote:
> On Sun, Jun 14, 2009 at 8:42 AM, Antoine Martin<[email protected]> wrote:
>> This patch implements secure password authentication (I believe - can
>> someone please check!)
>
> Well, that's the problem with hand-rolled crypto -- it's mostly
> impossible to check...

Hard but not impossible! As long as the salt is renewed on every connection attempt, the hash is unpredictable (sha/md5 collisions are not relevant when the desired hash is not known in advance):
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
The only attack that I can think of would be to connect repeatedly until a known challenge is issued (for which the response has been seen), but the search space for that is vast (uuid.uuid4 is 48 bit) - and it would be trivial to thwart that by adding a small delay that increases after failed attempts.

From what I've read uuid.uuid4 should be random enough, but we could always bump that to use more bits, and use XOR rather than concatenation like HMAC does. (Both enhancements can be added later and made backwards compatible too.)

> Technically, the patch looks reasonable enough, and things like the
> short write issue are fixable.

I'm curious, can you suggest how? Without adding a whole lot of code, that is... I was trying to keep it small.

> I'm *really* nervous, though, about getting into the secure connection
> business. That's an impossibly difficult problem, and it's one that's
> already solved -- just use ssh. So I'm reluctant to accept any patches
> along these lines without, at the least, specific use cases and clear
> argumentation for why this approach is the most appropriate way to
> handle those use cases. Can you provide such?

I think I can. I've got Windows boxes on the LAN; these will not have openssh or plink installed.

Another use case would be anonymous sessions (i.e. locked down guest) where you want to allow access from remote hosts without giving them full ssh access. (It may also be doable by setting their login shell to an xpra wrapper, but that's just too limited and nasty.)

BTW, I'm even trying to build the xpra server for win32 now, any ideas where I could find one that builds/works? (And the machines that will run it will definitely not be running openssh server but will still require authentication of some sort.)

> -- Nathaniel
>
> P.S.: Final grading is done, so I hope to get back to the patch
> backlog and get an 0.0.7 out in the next few weeks... sorry about that
> delay.

Hah good!
Antoine
