Re: [netatalk-admins] Information on other authentications

Subject: Re: [netatalk-admins] Information on other authentications
From: Osma Ahvenlampi (oa@razorfish.fi)
Date: Wed Apr 21 1999 - 07:26:38 EDT

• Next message: thomas.riewe@zeitung-zum-sonntag.de: "Re: [netatalk-admins] afp_openfork: ad_open errors"
• Previous message: C. Harald Koch: "Re: [netatalk-admins] netatalk and Retrospect"
• Next in thread: Michael Han: "Re: [netatalk-admins] Information on other authentications"
• Maybe reply: Osma Ahvenlampi: "Re: [netatalk-admins] Information on other authentications"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Michael Han <mikehan@best.com> writes:
> I think Alex is trying to point out that there's something wrong with
> rand2num *itself*. And if he wasn't, I'd sure like to make the same
> assertion. rand2num is potentially better than cleartext, but still
> doesn't work the way I tend to think about password encryption. A
> hashed password should be sent, which is compared to the same which is
> stored on the server. That way a root compromise of the server doesn't
> compromise all the user passwords on the box. And root can't casually
> be grabbing user passwords either.

It's not that simple.

UNIX crypt() passwords are stored hashed, but the login is done by
getting a plaintext password, hashing it, and comparing it to the
stored hash. The server application did get to see the password, and
in most cases it also passed over a wire in unencrypted form.

AppleShare randnum stores a plaintext password on the server and
passes challenge/response on the wire to verify that both ends have
the same password. Windows NT encrypted passwords are stored on the
server as hash values, but that doesn't matter - the hash value is a
plaintext equivalent and with a modified client, knowing the hash is
sufficient for login.

There is no easy solution for having passwords stored in encrypted
form AND sending them over the wire encrypted. One way is to encrypt
the entire authentication or even service channel and use UNIX crypt()
style passwords within the channel - you're still telling the server
application the actual password though, only no one can listen in on
the conversation. Another is to use public-key cryptographic
authentication, but that requires the user to carry a smart card with
them or to remember a 1024-bit (300-number) secret value. Yet another
solution is to use one-time passwords, which again requires the user
to carry along a smart card-like device or a list of future passwords
printed on a piece of paper.

-- 
Osma Ahvenlampi

• Next message: thomas.riewe@zeitung-zum-sonntag.de: "Re: [netatalk-admins] afp_openfork: ad_open errors"
• Previous message: C. Harald Koch: "Re: [netatalk-admins] netatalk and Retrospect"
• Next in thread: Michael Han: "Re: [netatalk-admins] Information on other authentications"
• Maybe reply: Osma Ahvenlampi: "Re: [netatalk-admins] Information on other authentications"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:16:37 EST