Bugtraq mailing list archives
Re: Chalace - Challenge/Responce password authentification
From: PAUL () tdr com (Paul Robinson)
Date: Thu, 26 May 1994 13:53:25 -0400 (EDT)
From: Paul Robinson <PAUL () TDR COM> Organization: Tansin A. Darcos & Company, Silver Spring, MD USA ----- Julian Assange <proff () suburbia apana org au>, wrote to bugtraq list <bugtraq () crimelab com> as follows:
Forwarded message:Or you could just use encrypted telnet or my challenge responce system "Chalace".
Below is the only, documentation available:
Chalace is a challenge - responce system based on shared non-disclosed secrets. Chalace key authentification and exchange is not vulnerable to eaves-dropping, tapping, packet-sniffing and the like, as the secret is never sent as plain text though any communications channel. The chalace secret exchange for bob and alice would look something like this:
<-number send to bob<- ->Secure hash-> Example: (clients perspective) Enter challenge: visit defile Suelette Responce = urban curve angel Implimentation: A 32bit random number is generated by doing an interative md5 secure hash of a large number of time and system stats. All information is represented by three words from a table of 2048. For non-automated key exchange this makes the information considerably easier to remember than other comercial systems that use an 8-digit number. The 128bit secure hash of secret and random number is broken down into 32bits then wordified for the responce.
Vulnerabilites: Though secret space is very large, effective keyspace is only 2^32. Assuming that n of bobs logins were intercepted, a challenge/responce relational pair table could be constructed so that at each challenge, an attacker would have a 2^32/n chance of being able to find the correct responce. e.g if n=1000, the chance per chalange that the attacker can beat the system is 1/4,294,967. This could be considered a problem if the implimentation allows many invalid responces, and can process them quickly. If paranoia level security is desired, then just preform a double challenge, which beings the keyspace upto 2^64.
Regards, proff () suburbia apana org au.
Gee, this sounds like Phil Karn's S/Key system only without changing the keys. If it is really something different, a combination of both would be very interesting. S/Key seems to be almost identical with this system, including the list of words, the use of a nondisclosed shared secret, and so on. The only difference being that S/Key generates the challenge on a "one time pad" e.g. the next time you log in it's a different computation because the count isn't the same. Perhaps someone here could let me know if I'm correct in my analysis. I don't see any significant advantage to his method except not having to regenerate the password every 100 logins or whatever number you set the S/Key count to be. You still have to look up the code in a table or use a program to do so. --- Paul Robinson - Paul () TDR COM Voted "Largest Polluter of the (IETF) list" by Randy Bush <randy () psg com> ----- The following Automatic Fortune Cookie was selected only for this message: An American's a person who isn't afraid to criticize the President but is always polite to traffic cops.
Current thread:
- Re: Chalace - Challenge/Responce password authentification Paul Robinson (May 26)