[jadmin] Re: jabberd14 'crypt' password storage in postgressql

Michał Minicki martel at post.pl
Wed Jun 13 07:32:04 CDT 2007


Magnus Henoch <mange at freemail.hu> napisał(a):

> You got it the wrong way.  With encrypted passwords in the database,
> man-in-the-middle attacks are _more_ likely to give the attacker your
> password.

Could you explain it in greater detail, please? Imagine two scenarios:

1. you keep encrypted passwords in a DB and transmit the actual password on an 
SSL secured line
2. clear text DB passwords and an encrypted key transmitted over an SSL secured 
wire

Now, we have two different kinds of a man-in-the-middle entities: 

A. parties who take part in relaying the information (transmission)
B. Jabber Server system administrators and their system users

To me it seems like scenario 1 is a bit more safe. Both parties, A and B, 
have access only to encrypted passwords. And in order to sniff the 
passwords out, the administrator has to inject its own piece of software in the 
place where the password gets out of SSL and is compared to the encrypted or 
hashed DB password.

In scenario 2, party named A has a tough job because the actual information 
is encrypted twice (SSL and an actual encrypted password, right?). But 
party A has access to totally unguarded information. It takes only a little 
mistake on part of the administrator or a bug in the software itself, to 
let the users get to this information. Not to mention administrator has 
unlimited access to sensitive information without any effort.

Or do I get it totally wrong?

PS: Is it me or is your attitude a little hostile? I'm just trying to 
understand. If it makes you all feel so uneasy, then I will stop writing. 
There's no real sense in such argument - we will be wasting our precious 
time.

> Magnus


-- 
Martel Valgoerad aka Michal Minicki | martel at aie.pl | http://aie.pl/martel.asc
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
"Idleness is not doing nothing. Idleness is being free to do anything." 
 -- Floyd Dell
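The two scenarios in the post, as an added example that is not part of the original thread or of jabberd14: scenario 1 stores a one-way salted hash (PBKDF2 stands in for crypt(3) here) and therefore needs the plaintext password delivered over TLS; scenario 2 uses the jabber:iq:auth digest (XEP-0078: hex SHA-1 of stream id + password), which keeps the password off the wire but can only be verified if the server stores the password in the clear. The stream id and password are constructed sample values.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample values (not from the original thread).
STREAM_ID = "3B1FB2C4"      # hypothetical stream id the server sends first
PASSWORD = "correct horse"  # hypothetical user password
ROUNDS = 100_000            # PBKDF2 iteration count for the hashed store


def store_hashed(password: str, salt: Optional[bytes] = None) -> str:
    """Scenario 1: the DB row holds only a salted one-way hash
    (crypt(3)-style; PBKDF2-HMAC-SHA256 stands in for crypt here).
    A DB dump or a curious admin gets the hash, not the password."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)
    return f"{salt.hex()}${dk.hex()}"


def verify_hashed(stored: str, password: str) -> bool:
    """The server can only check the hash if the client delivered the
    plaintext password, hence the TLS-protected plaintext in scenario 1."""
    salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), ROUNDS)
    return hmac.compare_digest(dk.hex(), dk_hex)


def iq_auth_digest(stream_id: str, password: str) -> str:
    """Scenario 2: XEP-0078 jabber:iq:auth digest = hex SHA-1(stream_id + password).
    The password itself never crosses the wire."""
    return hashlib.sha1((stream_id + password).encode()).hexdigest()


def verify_digest(db_plaintext: str, stream_id: str, client_digest: str) -> bool:
    """...but the server must recompute the digest from the plaintext it
    stores; a crypt hash cannot be turned back into the digest, so the DB
    (and anyone who can read it) holds the password in the clear."""
    expected = iq_auth_digest(stream_id, db_plaintext)
    return hmac.compare_digest(expected, client_digest)


if __name__ == "__main__":
    row1 = store_hashed(PASSWORD)                 # what the DB holds in scenario 1
    print("scenario 1 login:", verify_hashed(row1, PASSWORD))
    row2 = PASSWORD                               # what the DB holds in scenario 2
    client = iq_auth_digest(STREAM_ID, PASSWORD)  # what goes over the wire
    print("scenario 2 login:", verify_digest(row2, STREAM_ID, client))
```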