WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Securing encrypted data in RAM vs MSSQL

From: "Mark Curphey" <mark () curphey com>
Date: Thu, 1 Jul 2004 15:44:12 -0400
Hi Martin,

Heuristically ? What tools ? Are you referring to Pseudo collisions ? 

If you can pick up a pattern (apart from its entropy) of any sort on the
cipher text of a one way hash function then it is by definition broken, or
am I missing something? I maybe wrong but you maybe referring to pseudo
collisions as described by Hands Dobbertin in his paper in the 90's? If so
there is a big difference between pseudo collisions and real world attacks
(and his work was on MD4 not 5). I am not aware of any work proving real
collisions, anyone ?

Pre-computing dictionaries is one thing although implementations can be
designed so this becomes impractical. Dictionary attacks will always be
possible but again with a suitable salt and password entropy this should not
be practical. 

As with most crypto (IMHO) the implementation usually lets the design down !
I am all for picking holes in implementations but I think need to be careful
to say "there is always a way to recover the real password or login from a
hash".

-----Original Message-----
From: Bénoni MARTIN [mailto:Benoni.MARTIN () libertis ga] 
Sent: Thursday, July 01, 2004 1:44 PM
To: Dean Saxe
Cc: webappsec () securityfocus com; forensics () securityfocus com
Subject: RE: Securing encrypted data in RAM vs MSSQL

Yep sure, it should harden the security of the hashes...depending of what
kind of salt as well! :) But in that case some tools also improved and have
heuristical techniques to go quicker.

The time needed depends of the softwares you are using! IBM Watson's Lab. or
the NSA Labs shounld do this quicker than my laptop! :)


-----Message d'origine-----
De : Dean Saxe [mailto:Dean.Saxe () DigitalInsight com]
Envoyé : jeudi 1 juillet 2004 18:35
À : Bénoni MARTIN; Toro, Daniel; Stan Guzik; Dave Andrews;
webappsec () securityfocus com; forensics () securityfocus com Objet : RE:
Securing encrypted data in RAM vs MSSQL

Shouldn't a salt value added to the plaintext before hashing effectively
make this kind of a dictionary attack much more difficult, if not
impossible, to perform since you would have to recover the salt and
plaintext?

-dhs

-----Original Message-----
From: Bénoni MARTIN [mailto:Benoni.MARTIN () libertis ga]
Sent: Thursday, July 01, 2004 1:19 PM
To: Toro, Daniel; Stan Guzik; Dave Andrews; webappsec () securityfocus com;
forensics () securityfocus com
Subject: RE: Securing encrypted data in RAM vs MSSQL


Well, there is always a way to recover the real password or login from a
hash...the matter's is the time it will take!


The method to "dehash" a hash is quite simple: as theorically a hash_1 can
be produced by a single pass_1/login_1/..., we can create a huge amount of
random pass_2/logins_2/..., hash them with MD5/SHA-1/... and then compare
each of them with our hash_1. ASA the two hashes are the same, we can pick
up the pass/login/... which produced hash_2. Quite simple but really long to
perform.

BTW, Cain & Abel, John the Ripper and Crack can perform such recoveries...
:)
Previous By Date Next
Previous By Thread Next

Current thread: