[jadmin] Re: jabberd14 'crypt' password storage in postgressql
Simon Wilkinson
simon at sxw.org.uk
Thu Jun 14 09:54:44 CDT 2007
On 14 Jun 2007, at 15:40, Thomas Charron wrote:
> I have to slightly disagree here. MANY systems will have access to
> the password in a processed form, and work off of that. This provides
> a one way encryption of the password itself, which allows you to
> present a secret, but not require that secret to be stored, merely the
> result of an operation ON the secret.
You'll find though, that what's being stored has equivalent power to
the secret itself. Where you have a one-way encryption (or hash) of
the secret on the server, it is possible with most mechanisms for an
attacker with a modified client to use that hashed form to gain access.
Take, for instance, DIGEST-MD5 where you can store a partial hash on
the server - an attacker who knows this partial hash can use it from
a modified client as if it was the secret itself. Or, Kerberos, where
a hashed form of the password is stored as a key on the KDC. An
attacker who gains access to the hashed form has identical powers as
if they knew the users password.
This discussion is now getting very off topic.
The fact of the matter is that it is not possible to implement a
standards compliant XMPP server without making passwords available to
the server in a plaintext (or plaintext equivalent) form.
Simon.
More information about the JAdmin
mailing list