nanog mailing list archives

Re: LinkedIn password database compromised


From: Leo Bicknell <bicknell () ufp org>
Date: Wed, 20 Jun 2012 16:12:34 -0700

In a message written on Thu, Jun 21, 2012 at 08:02:58AM +0900, Randy Bush wrote:
> what is the real difference between my holding the private half
> of an asymmetric key and my holding a good passphrase for some site?
> that the passphrase is symmetric?

The fact that it is symmetric leads to the problem.

The big drawback is that today you have to provide the secret to
the web site to verify it.  It doesn't matter if the secret is
transferred in the clear (e.g. http) or encrypted (e.g. https), they
have it in their RAM, or on their disk, and so on.  Today we _trust_
sites to get rid of that secret as fast as possible, by doing things
like storing a one way hash and then zeroing the memory.

But what we see time and time again is sites are lazy.  The secret
is stored in the clear.  The secret is hashed, but with a bad hash
and no salt.  Even if they are "good guys" and use SHA-256 with a nice
salt, if a hacker hacks into their server they can intercept the secret
during processing.

With a cryptographic solution the web site would say something like:

"Hi, it's 8:59PM, transaction ID 1234, cookie ABCD, I am foo.com, who are you."

Your computer would (unknown to you) use foo.com to figure out
that bicknell () foo com (or superman () foo com) was your login, do some
math, and sign a response with your private key that says:

"Hi, I'm bicknell () foo com, I agree it's 8:59 PM, transaction 1234,
cookie ABCD."

Even if the attacker had fully compromised the server end they get
nothing.  There's no replay attack.  No shared secret they can use to log
into another web site.  Zero value.

> s/onto web sites/this web site/  let's not make cross-site tracking any
> easier than it is today.

Yep.  Don't get me wrong, there's an RFC or two here, a few pages of
code in web servers and browsers.  I am not asserting this is a trivial
change that could be made by one guy in a few minutes.  However, I am
suggesting this is an easy change that could be implemented in weeks not
months.

-- 
       Leo Bicknell - bicknell () ufp org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
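
An added example, not part of the original message or thread: a Node.js sketch of the signed challenge/response login described above, showing that the site stores only a public key and that a captured reply cannot be reused. Ed25519, the in-memory maps, the 60-second window and all function names are assumptions made for illustration; the message names no algorithm or API.

```javascript
// Added illustration; every name here is hypothetical, sample values are constructed.
const crypto = require('node:crypto');

// Enrollment: the site keeps only the user's PUBLIC key, so a server
// compromise yields nothing that can be used to log in here or elsewhere.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
const enrolled = new Map([['bicknell@foo.com', publicKey]]);
const pending = new Map(); // transaction id -> challenge awaiting an answer

// Server: "it's <time>, transaction <id>, cookie <c>, I am <site>, who are you"
function issueChallenge(site, cookie, now = Date.now()) {
  const ch = { site, time: now, txn: crypto.randomUUID(), cookie };
  pending.set(ch.txn, ch);
  return ch;
}

// Canonical bytes that the client signs and the server verifies.
function transcript(ch, login) {
  return Buffer.from(JSON.stringify([ch.site, ch.time, ch.txn, ch.cookie, login]));
}

// Client: signs only when the challenge names the site it is connected to,
// so a challenge relayed from another site is refused.
function signResponse(ch, connectedSite, login, key) {
  if (ch.site !== connectedSite) throw new Error('challenge names a different site');
  return { login, txn: ch.txn, sig: crypto.sign(null, transcript(ch, login), key) };
}

// Server: rebuilds the transcript from its OWN stored challenge, never from
// client-supplied fields, and accepts each transaction at most once.
function verifyResponse(resp, now = Date.now(), maxAgeMs = 60000) {
  const ch = pending.get(resp.txn);
  pending.delete(resp.txn); // single use: a replayed reply finds no challenge
  const pub = enrolled.get(resp.login);
  if (!ch || !pub || now - ch.time > maxAgeMs) return false;
  return crypto.verify(null, transcript(ch, resp.login), pub, resp.sig);
}
```
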
