Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted

from [Antoine Martin] Network Security [Permanent Link]
Subject: Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted
Date: Sat, 23 Apr 2005 15:53:25 +0100 
On Sat, 2005-04-23 at 09:02 -0400, Stephen Frost wrote:

* Antoine Martin (antoine@nagafix.co.uk) wrote:

Basically, multiple input data that have the same output hash, which is
of no use when what you are trying to find is the input.
Finding collisions quicker for a known input is one thing, but that is
not going to reduce the search space, not even your storage space (it is
unlikely that the colliding results would all be valid input).


Erm, you aren't necessairly trying to find the input...  It may be the
case that you're trying to find what you need to authenticate to this
server, or any other PostgreSQL server where the same userid & input are
used.  In that case you just need something that hashes to the same
thing.

Agreed, what I said was that it is highly unlikely you will find
colliding inputs that are valid, so the "SHA weakness" does not really
help you here as it does not reduce the search space:
You are much better off pre-calculating hashes for possible usernames &
passwords than working backwards and generating all possible hashes
hoping that one would happen to be matching a real entry...
Usernames are not exactly random, passwords are less predictable, the
chance of a useful collision on the username+password is remote at best.

Using a random salt would mean that it's different per server so
breaking it on one doesn't help you against another server unless you
happened to find the actual original input.

Absolutely.



Is adding the non-guessable salt that hard anyway?


It is if you want to continue to support the 'md5' method in pg_hba.conf
because the wireline protocol will probably need to change.  A less
intrusive alternative would be to add an 'with encrypted password 'xyz'
with random salt' or some such which would only be supported with the
'password' method in pg_hba.conf.

One problem with this is that you then can't just switch from password
to md5 or back again.  Perhaps that's ok though?  Comments?

Just add another authentication method - call it 'md5-salt' (sharing
most of the 'md5' code), you get backwards compatibility and you advise
users to migrate to the new salt hash. Shouldn't be too hard...
Might as well do a 'sha512-salt' too.

Antoine
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Local file detection found through Adobe Reader ActiveX control, Hyperdose Security
Next by Date:  E-Cart v1.1 Remote Command Execution, Nicolas Montoza
Previous by Thread:  Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted, Stephen Frost
Next by Thread:  Re: [HACKERS] Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords, Joshua D. Drake
Indexes:  [Date] [Thread] [Top] [All Lists]