[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: RFC2256: userPassword

To: "'Kurt D. Zeilenga'" <Kurt@OpenLDAP.Org>
Subject: RE: RFC2256: userPassword
From: Paul Leach <paulle@microsoft.com>
Date: Tue, 29 Jun 1999 11:43:40 -0700
Cc: ietf-ldapext@netscape.com
Resent-date: Tue, 29 Jun 1999 12:09:43 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"BAWKwC.A.kJ.pnRe3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com


> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.Org]
> Sent: Tuesday, June 29, 1999 11:29 AM
> To: Paul Leach

> Use of hashes, especially proven one-way salted digital
> hashes, provided a great deal of protect over cleartext.

They are better than cleartext; no argument. What I'm saying is that they
aren't enough better in today's world.

> A cracker confronted with a hashed password is likely to
> use other mechanisms (such as flaws in the server's host
> operating system) to obtain illicit access.

There are readily available tools that can easily crack hashed passwords.
> 
> I would recommend that hashed password syntax recommend use
> of a salted MD5, SHA1, or equivalent strong (and proven)
> one-way hash.
> 

Not good enough. These are VERY fast hashes, by design, and can be attacked
very effectivley by the means I described in my previous post, and using
hacking tools that are commonly available. Even salt doesn't help enough --
true, it means that the attacker can only attack one password at a time, but
when it only takes a few days (even with only one computer) to run an attack
against easy-to-remember passwords, that's not enough.

Paul

Prev by Date: Re: RFC2256: userPassword
Next by Date: Re: RFC2256: userPassword
Index(es):
- Chronological
- Thread