Sebastiaan van Erk wrote:
Korbinian Bachl wrote:
This is nothing about wicket - it's about base security. MD5 is a hash-algorithm (see: http://en.wikipedia.org/wiki/Md5) which is no more secure (flaw found 1996) as there are tables to reverse given md5 (from 2003 on) to a valid input

As far as I can remember, they can generate two different documents with the same MD5 hash.

correct: http://www.mscs.dal.ca/~selinger/md5collision/ (this is known since 1996 now)


However, they *CAN NOT* generate a collision for an arbitrary hash. Furthermore, doing this in a limited size string (like a password) adds another complication.

they can and did! - if you have a hash value, e.g.:

79054025255fb1a26e4bc422aef54eb4

you can use various reverse tables to get the needed inputString into any md5(inputString) function to get the desired hash -
example look here:
http://www.antsight.com/zsl/rainbowcrack/


Furthermore, there is generally no way to know what MD5 hash a user has, so even if there was an attack which could generate a string with the chosen MD5 hash, you still could not hack a user's account because you wouldn't know which MD5 hash you want your string to have.

with classic rainbow tables or hybrid rainbow tables you get a 99,9% chance to score a hit for under 1h time... sounds not very secure to me


Nope, MD5 password hashes are still perfectly fine.

sure?


Hashing the password client side is actually UNSAFE. This means the hash goes over the network, and somebody else can just send the same hash to the server to log in without ever knowing the user's password.

and it's more safe if the md5 sits in the RDBMS that may be breached?


What you need is either:

1) SSL (https) to encrypt the traffic to the server (in which case there is no need to hash passwords client side), or

+1 for this - but I got him as he wants to store the password protected on server

Best,

Korbinian



2) Use a challenge response algorithm (like CRAM-MD5).

Since 1) is already built into the browser and 2) is a pain and requires somebody to implement it in JavaScript, I strongly suggest you use 1).

Furthermore, trying to think of your own security algorithms, or implement known security algorithms yourself (e.g., in JavaScript) instead of using a library is very dangerous unless you are a security expert.

Regards,
Sebastiaan
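
Added example, not part of the original messages: a Python sketch of the two schemes discussed above, showing that a client-side MD5 hash sent as the credential is accepted again when replayed, while a CRAM-MD5 style response (RFC 2195 format) is bound to a one-time challenge. The names `CramMd5Server`, `static_hash_login`, `demo`, the user `alice`, the password and the challenge domain are all constructed for illustration.

```python
import hashlib
import hmac
import secrets

PASSWORD = b"correct horse"  # constructed sample credential

def static_hash_login(stored_hash: str, received: str) -> bool:
    """Scheme criticised in the thread: the client sends md5(password).
    The hash itself is the credential, so any captured copy logs in."""
    return hmac.compare_digest(stored_hash, received)

def cram_md5_response(username: str, secret: bytes, challenge: bytes) -> str:
    """Client side: username, a space, then hex HMAC-MD5 of the challenge."""
    digest = hmac.new(secret, challenge, hashlib.md5).hexdigest()
    return f"{username} {digest}"

class CramMd5Server:
    """Server side of a CRAM-MD5 style exchange."""

    def __init__(self, username: str, shared_secret: bytes):
        self.username = username
        self.secret = shared_secret  # the server must hold the secret itself
        self.pending = None

    def new_challenge(self) -> bytes:
        # Fresh, unpredictable challenge for every login attempt.
        self.pending = b"<" + secrets.token_hex(16).encode() + b"@example.invalid>"
        return self.pending

    def verify(self, response: str) -> bool:
        challenge, self.pending = self.pending, None  # each challenge is single use
        if challenge is None:
            return False
        expected = cram_md5_response(self.username, self.secret, challenge)
        return hmac.compare_digest(expected, response)

def demo() -> dict:
    stored = hashlib.md5(PASSWORD).hexdigest()
    sniffed_hash = stored  # what travels over a non-SSL link in the static scheme
    server = CramMd5Server("alice", PASSWORD)
    first = cram_md5_response("alice", PASSWORD, server.new_challenge())
    ok = server.verify(first)
    server.new_challenge()  # the next login attempt gets a different challenge
    return {
        "static_replay_accepted": static_hash_login(stored, sniffed_hash),
        "cram_login_accepted": ok,
        "cram_replay_accepted": server.verify(first),
    }
```

Note that the challenge-response server has to keep the shared secret (or an equivalent) to recompute the HMAC, which is a separate concern from how the password is protected at rest in the database.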
