| Subject | Re: [Firebird-Architect] Passwords -- current implementation |
|---|---|
| Author | Roman Simakov |
| Post date | 2010-11-12T06:00:04Z |
2010/11/11 Jim Starkey <jstarkey@...>:
algorithms. It's also known as CHAP protocol.
or changes user password. AFAIU when user changes password it is
sending as is to the server. Session key can be used to encrypt it.
--
Roman Simakov
> On 11/11/2010 10:08 AM, Alex Peshkoff wrote:We do the same thing in Red Database, but with different crypto
>> On 11/11/10 17:36, Jim Starkey wrote:
>>> How does the current Firebird implementation transmit passwords to the
>>> server from the client?
>> 2.5 has no changes compared with InterBase6.
>> The only new feature works only for windows - MS API is used for trusted
>> authentication.
>
> That was my understanding. If I remember correctly, it used the glib
> function "crypt" to both transmit and store the password. This is
> brain-dead since an intercept of the packet would reveal the encrypted
> password, which is every bit as good as the password itself. This is a
> classical case of obscurity (and not even much) rather than security.
>
> To avoid an potential embarrassment on the scale of the
> politically/correct fiasco, I suggest that though be given to a
> defensible security architecture sooner rather than latter. Line and
> file level encryption is one thing, but giving out passwords to anyone
> on the LAN with a board in promiscuous mode is really quite feeble.
>
> The scheme used by MySQL for password authentication works like this:
>
> 1. The server stores only the SHA-1 hash of user passwords.
> 2. On the initial connection, the server sends the client a session
> specific random byte string
> 3. The client first hashes a password with SHA-1, concatenates the
> service supplied random string to the result of the pasword hash,
> then hashes that with SHA-1. The resulting hash is then sent to
> the server.
> 4. To authenticate, the server concatenates the session specific
> random string to the stored SHA-1 hash of the password, hashes the
> result, and compares it to the client supplied hash.
algorithms. It's also known as CHAP protocol.
> This is cheap, easy, and secure. A more general mechanism is:I think it's more better solution because it allows us to encrypt new
>
> 1. The server generates an RSA key pair at server start up.
> 2. The server send the client the public key on initial connect
> 3. The client generates a session key, encrypts it with the server's
> public key, and sends the encrypted session key to the server
> 4. Either the password (or, better, the SHA-1 hash of password) are
> encryption or, alternatively, all subsequent communication are
> encrypted with the session key.
or changes user password. AFAIU when user changes password it is
sending as is to the server. Session key can be used to encrypt it.
--
Roman Simakov