WebApp Sec mailing list archives
RE: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection)
From: "Cyrill Osterwalder" <cyrill.osterwalder () seclutions com>
Date: Wed, 17 Aug 2005 09:46:32 +0200
I think the password message digest (hash) discussion got a little confused. I'd like to partially support Mike in saying that hashing the password does not really protect against sniffing/spying on the client side. Protecting the passwords on the server side is a different topic. [Noam Eppel wrote:]
If you are implementing a one-way hash correctly, there should be no need to store the plaintext passwords. All that should be stored is the resulting hash of each password.
Yes, the benefit of the server side password message digests is exactly to avoid storing them in plaintext. However, the plaintext password has to be supplied by the client because it is needed to verify a stored hash together with additional salt. This is independent of the password handling on the client. I believe Mike wanted to say that hashing the password on the client side before entering it into a browser field does not significantly increase security. I'd agree with that and it does not contradict what you are saying about compromising the passwords on the server side. On the client side it would be possible to use a hashed version of the password (the new plaintext password actually). I don't see why this would significantly increase protection against sniffing/spying on the client side. The resulting plaintext hash is actually just another representation of the plaintext password and can be stolen and replayed the same way. For the server, this is just the plaintext password. I assume the following: If there is any browser field input that is verified on the server side as a multi-time access string it is vulnerable to sniffing/spying on the client side to a certain extent. Just providing a different representation does not increase security. The only way to increase security is to use a *protocol* instead of a single access string or an access string with limited validity (e.g. OTPs, challenge-response protocols, etc.). Cyrill
Current thread:
- Re: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) mike (Aug 16)
- Re: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Noam Eppel (Aug 16)
- Re[2]: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Oleg Topchiy (Aug 17)
- Re: Re[2]: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Chuck (Aug 17)
- Re: MD5 Password encoding, "straight" vs "salted" hashes Peter Watkins (Aug 17)
- Re: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Thomas Chiverton (Aug 17)
- Re[2]: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Oleg Topchiy (Aug 17)
- <Possible follow-ups>
- RE: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Cyrill Osterwalder (Aug 17)
- RE: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Bond Masuda (Aug 17)
- Re: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Gary Gwin (Aug 18)
- Re: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Jean-Jacques Halans (Aug 22)
- Re: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Serban Ghita (Aug 23)
- Re: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) Noam Eppel (Aug 16)
- Re: RE: MD5 Password encoding (was: Defeating Citi-Bank Virtual Keyboard Protection) mike (Aug 17)