[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
authmeth: password issues
I'd like to see a section like the following in Authmeth, to help people
decide which authentication methods to support and what password
security to expect. Note that some of my terminology may be bad.
12. Password issues
Simple authentication (Simple Bind with DN and password) reveals the
user's password to the server. The SASL DIGEST-MD5 mechanism does
not.
Neither Simple authentication nor DIGEST-MD5 require the server to
know the users' passwords; both allow the server (or a password
management entity which the server makes use of) to only store
one-way hashes of the passwords. Whether to actually do so is an
implementation and deployment decision.
However, an attacker (or the server administrator) who possesses a
server's DIGEST-MD5 password hashes can authenticate to that server
even though he does not know the plaintext passwords.
The SASL EXTERNAL mechanism does not involve passwords, though the
external method it uses to establish credentials may do so. If it
uses TLS certificates, these neither reveal the user's secret to the
server nor require the server to know the user's secret.
Anonymous and unauthenticated Simple Binds do not involve passwords
or other secrets.
The part about compromised DIGEST-MD5 password hashes is from message
<http://www.openldap.org/lists/ietf-ldapbis/200309/msg00077.html>.
In that message, Alexey also said:
I believe it is possible to store a salted version of the hash,
assuming the server always generates nonce-value that uses the salt
as the prefix. But of course this salted hash will be different from
traditional UNIX salted hashes.
However, looking at the [DIGEST-MD5] hash function, I do not see how
that is possible, since it includes the MD5 hash [RFC1321] of, roughly,
"username:realm:password". If it is not possible, then the paragraph
above about compromised DIGEST-MD5 password hashes should end with:
The server administrator will need the plaintext of all the server's
DIGEST-MD5 passwords in order to generate a new set of secret
DIGEST-MD5 password hashes, or all users with passwords unknown to
the administrator will need new passwords so one can generate new
hashes.
--
Hallvard