nanog mailing list archives
Re: LinkedIn password database compromised
From: Leo Bicknell <bicknell () ufp org>
Date: Wed, 20 Jun 2012 16:12:34 -0700
In a message written on Thu, Jun 21, 2012 at 08:02:58AM +0900, Randy Bush wrote:
what is the real difference between my having holding the private half of an asymmetric key and my holding a good passphrase for some site? that the passphrase is symmetric?
The fact that it is symmetric leads to the problem. The big drawback is that today you have to provide the secret to the web site to verify it. It doesn't matter if the secret is transfered in the clear (e.g. http) or encrypted (e.g. https), they have it in their RAM, or on their disk, and so on. Today we _trust_ sites to get rid of that secret as fast as possible, by doing things like storing a one way hash and then zeroing the memory. But what we see time and time again is sites are lazy. The secret is stored in the clear. The secret is hashed, but with a bad hash and no salt. Even if they are "good guys" and use SHA-256 with a nice salt, if a hacker hacks into their server they can intercept the secret during processing. With a cryptographic solution the web site would say something like: "Hi, it's 8:59PM, transaction ID 1234, cookie ABCD, I am foo.com, who are you." Your computer would (unknown to you) would use foo.com to figure out that bicknell () foo com (or superman () foo com) was your login, do some math, and sign a response with your private key that says: "Hi, I'm bicknell () foo com, I agree it's 8:59 PM, transaction 1234, cookie ABCD." Even if the attacker had fully compromised the server end they get nothing. There's no reply attack. No shared secret they can use to log into another web site. Zero value.
s/onto web sites/this web site/ let's not make cross-site tracking any easier than it is today.
Yep. Don't get me wrong, there's an RFC or two here, a few pages of code in web servers and browsers. I am not asserting this is a trival change that could be made by one guy in a few minutes. However, I am suggesting this is an easy change that could be implemented in weeks not months. -- Leo Bicknell - bicknell () ufp org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/
Attachment:
_bin
Description:
Current thread:
- Re: LinkedIn password database compromised, (continued)
- Re: LinkedIn password database compromised AP NANOG (Jun 21)
- Re: LinkedIn password database compromised Tei (Jun 21)
- Re: LinkedIn password database compromised Jay Ashworth (Jun 21)
- Re: LinkedIn password database compromised Leo Bicknell (Jun 21)
- Re: LinkedIn password database compromised AP NANOG (Jun 21)
- Re: LinkedIn password database compromised Matthew Kaufman (Jun 20)
- Re: LinkedIn password database compromised Jared Mauch (Jun 20)
- Re: LinkedIn password database compromised valdis . kletnieks (Jun 20)
- Re: LinkedIn password database compromised Leo Bicknell (Jun 20)
- Re: LinkedIn password database compromised Randy Bush (Jun 20)
- Re: LinkedIn password database compromised Leo Bicknell (Jun 20)
- Re: LinkedIn password database compromised Randy Bush (Jun 20)
- Re: LinkedIn password database compromised Tei (Jun 21)
- Re: LinkedIn password database compromised Tony Finch (Jun 21)
- Re: LinkedIn password database compromised Rich Kulawiec (Jun 21)
- RE: LinkedIn password database compromised Keith Medcalf (Jun 23)
- Re: LinkedIn password database compromised Michael Thomas (Jun 23)
- Re: LinkedIn password database compromised AP NANOG (Jun 20)
- How to fix authentication (was LinkedIn) Jay Ashworth (Jun 20)
- Re: How to fix authentication (was LinkedIn) Kyle Creyts (Jun 20)
- Re: How to fix authentication (was LinkedIn) valdis . kletnieks (Jun 20)