[standards-jig] Re: [Foundation] Last Minute JEP 78 Concerns

Tijl Houtbeckers thoutbeckers at splendo.com
Tue May 27 17:38:39 UTC 2003


Dave Smith <dizzyd at jabber.org> wrote on 27-5-2003 19:33:38:
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>
>On Tuesday, May 27, 2003, at 11:12 America/Denver, Casey Crabb wrote:
>
>> I don't think this is any more secure than just sha1(StreamID +
>> password). What happens is that sha1(password) is
>> password-equivalent.
>>
>> At some point sha1(password) has to travel over the line; at this
>> point it can be sniffed. Or, if you have access to the server's spool
>> you can just read it out of there.
>
>This technique doesn't solve a replay problem -- it's not intended to. 
>It is designed to ensure that the password is not human readable. 
>Consider the case where a corporate executive selects their Jabber 
>password, and they reuse one that they already use elsewhere. If the 
>password is stored in plaintext, a malicious sysadmin (yes, I know 
>you're supposed to trust the admin) can use that plaintext password to 
>log in to other company systems. So the idea with this algorithm is to 
>obscure/hide the password sufficiently that the admin may find the 
>hash, but determining the actual text that was typed in will be 
>sufficiently difficult. Most companies are very skittish about storing 
>a plain-text password in their databases; this provides a nice 
>alternative, without requiring a special "server key" to encrypt the 
>password (or some such madness).
>
>Does that make sense?

Even you yourself seem to agree this is mostly security through 
obscurity. Let's for a minute assume people will think this is a good 
idea. The more programs that implement it, the less secure it will 
become. Is this really something we want to introduce? Then at least 
store the SHA1 of the concat of the password and random key, and that 
random key separately, and then send that key to the client before it 
authenticates. That still won't solve the replay problem, but at least 
it will ensure that you can't use the hash in the DB to authenticate 
every other Jabber account and system that uses this "enhanced" method.
 

-- 
Tijl Houtbeckers
Software Engineer @ Splendo
The Netherlands
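The two storage designs argued over above, as an added illustration (not code from JEP 78, from Casey, Dave or Tijl, and not the jabberd implementation): server A and server B both store the same user's reused password, an attacker reads A's database, and we check what that leaked value buys on B and on A itself. The challenge/response shape (SHA-1 over the StreamID followed by the stored secret) is an assumption chosen so the two designs can be compared side by side; the user name and password are constructed sample data.

```python
from __future__ import annotations

import hashlib
import secrets

# Added example, not from JEP 78 or from any poster in the thread. The
# response format sha1(StreamID + stored_secret) is an assumption made so
# the unsalted and salted designs can be compared. The point shown is the
# one made in the thread: whatever the server stores is password-equivalent
# on that server, and an unsalted sha1(password) is identical on every
# server, while a per-account random key makes the stored value local.


def sha1_hex(*parts: str) -> str:
    """SHA-1 over the UTF-8 concatenation of the parts, hex encoded."""
    h = hashlib.sha1()
    for part in parts:
        h.update(part.encode("utf-8"))
    return h.hexdigest()


class PlainHashServer:
    """Design under discussion: the server stores sha1(password)."""

    def __init__(self) -> None:
        self.db = {}  # user -> sha1(password)

    def register(self, user: str, password: str) -> None:
        self.db[user] = sha1_hex(password)

    def new_stream_id(self) -> str:
        return secrets.token_hex(8)  # per-connection StreamID

    def verify(self, user: str, stream_id: str, response: str) -> bool:
        return response == sha1_hex(stream_id, self.db[user])


def plain_response(stream_id: str, password_hash: str) -> str:
    """Client side: only sha1(password) is needed, never the password itself."""
    return sha1_hex(stream_id, password_hash)


class SaltedHashServer:
    """Tijl's variant: store a random per-account key and sha1(password + key)."""

    def __init__(self) -> None:
        self.db = {}  # user -> (random_key, sha1(password + random_key))

    def register(self, user: str, password: str) -> None:
        key = secrets.token_hex(16)
        self.db[user] = (key, sha1_hex(password, key))

    def new_stream_id(self, user: str) -> tuple[str, str]:
        # The random key is sent to the client before it authenticates.
        return self.db[user][0], secrets.token_hex(8)

    def verify(self, user: str, stream_id: str, response: str) -> bool:
        return response == sha1_hex(stream_id, self.db[user][1])


def salted_response(password: str, key: str, stream_id: str) -> str:
    """Client side: recompute sha1(password + key) from the key the server sent."""
    return sha1_hex(stream_id, sha1_hex(password, key))


def plain_hash_reused_across_servers() -> bool:
    """Leaked sha1(password) read from server A: does it log in to server B?"""
    a, b = PlainHashServer(), PlainHashServer()
    a.register("exec", "Correct Horse")
    b.register("exec", "Correct Horse")  # constructed: same password reused on B
    leaked = a.db["exec"]                # read straight out of A's spool/database
    sid = b.new_stream_id()
    return b.verify("exec", sid, plain_response(sid, leaked))  # True


def salted_hash_reused_across_servers() -> bool:
    """Leaked sha1(password + key_A) from server A: does it log in to server B?"""
    a, b = SaltedHashServer(), SaltedHashServer()
    a.register("exec", "Correct Horse")
    b.register("exec", "Correct Horse")
    _key_a, leaked_hash = a.db["exec"]
    _key_b, sid = b.new_stream_id("exec")
    # B expects sha1(password + key_B); the attacker holds a value bound to key_A.
    return b.verify("exec", sid, sha1_hex(sid, leaked_hash))  # False


def salted_hash_reused_on_same_server() -> bool:
    """The stored hash stays password-equivalent on the server it was taken from."""
    a = SaltedHashServer()
    a.register("exec", "Correct Horse")
    _key, leaked_hash = a.db["exec"]
    _k, sid = a.new_stream_id("exec")
    return a.verify("exec", sid, sha1_hex(sid, leaked_hash))  # True


def legitimate_salted_login() -> bool:
    """Sanity check: a client that knows the password still authenticates."""
    a = SaltedHashServer()
    a.register("exec", "Correct Horse")
    key, sid = a.new_stream_id("exec")
    return a.verify("exec", sid, salted_response("Correct Horse", key, sid))  # True


if __name__ == "__main__":
    print("unsalted hash accepted by another server:", plain_hash_reused_across_servers())
    print("salted hash accepted by another server:  ", salted_hash_reused_across_servers())
    print("salted hash accepted by its own server:  ", salted_hash_reused_on_same_server())
    print("legitimate salted login:                 ", legitimate_salted_login())
```

The first two functions are the cross-server reuse Tijl is worried about: with the unsalted design, the value in A's database is exactly what B's database holds, so a single read of A's spool authenticates the reused password everywhere. The third function is Casey's point, which the random key does not change: on the server that stores it, the hash itself is the credential, so a database read or a sniffed exchange is as good as the password on that server.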
