Re: Re: Encrypting pg_shadow passwords
| От | michael@miknet.net (Michael Samuel) |
|---|---|
| Тема | Re: Re: Encrypting pg_shadow passwords |
| Дата | |
| Msg-id | 20010711190222.A31964@miknet.net обсуждение исходный текст |
| Ответ на | Re: Re: Encrypting pg_shadow passwords (Bruce Momjian <pgman@candle.pha.pa.us>) |
| Ответы |
Re: Re: Encrypting pg_shadow passwords
(Bruce Momjian <pgman@candle.pha.pa.us>)
Re: Re: Encrypting pg_shadow passwords (Bruce Momjian <pgman@candle.pha.pa.us>) |
| Список | pgsql-hackers |
On Tue, Jul 10, 2001 at 11:32:00PM -0400, Bruce Momjian wrote: > > On Tue, Jun 26, 2001 at 11:02:15AM -0400, Bruce Momjian wrote: > > > This is the first time I am hearing people are more concerned about > > > pg_shadow security than the wire security. I can see cases where people > > > are on secure networks or are using only local users where having > > > pg_shadow encrypted is more important than crypt authentication. > > > Fortunately the new system will solve both problems. > > > > The crypt authentication currently used offers _no_ security. If I can > > sniff on the wire, I can hijack the tcp stream, and trick the client > > into doing password authentication. > > It is my understanding that sniffing is much easier than hijacking. If > hijacking is a concern, you have to use SSL. That is not true. The internet happily allows for active attacks. In fact, active attacks are easier on the internet than passive ones. My concern is, that by having something that we proclaim to be secure, we need for it to really be secure. An HMAC would be a better alternative to the current crypt scheme, as it would provide integrity, without the overhead of having privacy. Of course, HMAC would require the postgres protocol to talk in "packets", as it can't accept the data as being valid until it verifies the MAC. I'm not familiar with the protocol yet. I suggest these authentication options: * password - The current meaning of password, but with passwords hashed using md5crypt() or something. (The usual crypt unneccessarilylimits passwords to 8 characters) * HMAC - Wrap all postgres data in an HMAC (I believe this requires an plaintext-like password on the server as does cryptand the double crypt scheme) * Public Key (RSA/DSA) - Use public key cryptography to negotiate a connection. (When I'm not busy, I may decide to do thismyself) Also, I think we should add to the client API the ability to only accept certain authentication schemes, to avoid active attacks tricking your software from sending the HMAC password in cleartext. -- Michael Samuel <michael@miknet.net>
В списке pgsql-hackers по дате отправления: