[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: RFC2256: userPassword

To: "'Kurt D. Zeilenga'" <Kurt@OpenLDAP.Org>, Howard Chu <hyc@symas.com>
Subject: RE: RFC2256: userPassword
From: Paul Leach <paulle@microsoft.com>
Date: Tue, 29 Jun 1999 15:03:27 -0700
Cc: Robert Allen <robert.allen@eng.Sun.COM>, mcs@netscape.com, gomez@lhola.engr.sgi.com, ietf-ldapext@netscape.com
Resent-date: Tue, 29 Jun 1999 15:30:16 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"TCdJ5B.A.6sG.IjUe3"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com


> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.Org]
> Sent: Tuesday, June 29, 1999 2:29 PM
> To: Howard Chu
> Cc: Robert Allen; mcs@netscape.com; Paul Leach;
> gomez@lhola.engr.sgi.com; ietf-ldapext@netscape.com
> Subject: RE: RFC2256: userPassword
> 
> 
> At 02:07 PM 6/29/99 -0700, Howard Chu wrote:
> >How do you store the key that's used to encrypt
> >the userPassword?
> 
> When using one-way hash algorithms, you don't decrypt.
> The server only needs to record the value of the hash and the salt
> (if used).
> 
> 	if Hash(password, Salt(userPassword)) equals userPassword
> 		approve
> 	else
> 		disapprove
> 
> where password is the password supplied with the bind operation,
> userPassword is the recorded "encrypted" value, and Salt() extracts
> the salt from the recorded value, and Hash generates an "encrypted"
> value (with embedded salt).

And I'll say again -- this is not secure enough for today's world. If the
above Hash is very fast, then it is easy to test trillions of candidate
passwords against the stored userPassword attribute.

Paul

Follow-Ups:
- RE: RFC2256: userPassword
  - From: John Schnizlein <jschnizl@cisco.com>

Prev by Date: RE: RFC2256: userPassword
Next by Date: RE: RFC2256: userPassword
Index(es):
- Chronological
- Thread