Re: SHA1 authentication

From: Martijn van Oosterhout
Subject: Re: SHA1 authentication
Msg-id: 20051024093344.GA27589@svana.org
In reply to: SHA1 authentication (Bohdan Linda <bohdan.linda@seznam.cz>)
Responses: Re: SHA1 authentication (Bohdan Linda <bohdan.linda@seznam.cz>)
           Re: SHA1 authentication (Bruno Wolff III <bruno@wolff.to>)
List: pgsql-general
On Mon, Oct 24, 2005 at 10:39:11AM +0200, Bohdan Linda wrote:
>
> Hello all,
>
> I would like to use password authentication for pgsql users for remote
> backup purposes. I don't like the fact storing cleartext password on a
> system. From documentation, I have learnt that passwords can be encrypted
> by md5 and crypt methods.
>
> But we know, that md5 is rather weak encryption, so I am asking is there
> any feasible way, how we can use SHA1 instead of MD5?

Firstly, SHA-1 is in no better shape than MD5, see [1]. Secondly, all
the current attacks are based upon generating collisions, which kills it
for the digital signing purpose, but for the purposes of authentication
like we're using that's not relevant. That would require being able to
generate a password that matches a given hash, which none of the current
attacks do.

However, looking into the future this would require the following:

1. Adding code to backend and frontend (sha1 code may exist in contrib,
not sure).
2. Changing the protocol to support another hashing algorithm.
3. All sorts of other fiddling but it wouldn't be too hard.

By all means, submit a patch but there's no real hurry right now. We
should probably move straight to something more secure anyway, maybe
SHA-256 or something.

[1] http://www.schneier.com/blog/archives/2005/02/sha1_broken.html

Have a nice day,
--
Martijn van Oosterhout   <kleptog@svana.org>   http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.
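The md5 method under discussion is a salted challenge-response, which is why collisions are beside the point and a preimage is what an attacker would need. The following Python is an added illustration, not code from this thread or from PostgreSQL itself; it re-implements the md5 scheme PostgreSQL uses (stored value "md5" + hex(md5(password || username)); client reply "md5" + hex(md5(stored_hex || 4-byte salt))) on constructed sample credentials, and shows the caveat the thread does not mention: the stored hash alone is enough to answer the challenge, so a copy of pg_authid is password-equivalent. (PostgreSQL later added SCRAM-SHA-256 in version 10, which addresses both the hash choice and that property.)

```python
import hashlib
import hmac
import os

# Added example, not from the thread or from PostgreSQL's source.
# Stored form in pg_authid for the md5 auth method:
#     "md5" + hex(md5(password || username))
# Wire exchange: the server sends a random 4-byte salt
# (AuthenticationMD5Password); the client answers
#     "md5" + hex(md5(hex(md5(password || username)) || salt))
# All credentials and salts below are constructed for illustration.


def pg_md5_stored_hash(password: str, username: str) -> str:
    """The value the server keeps for the role: 'md5' prefix plus a hex digest.
    The username acts as a fixed, public salt; there is no random per-role salt."""
    return "md5" + hashlib.md5((password + username).encode("utf-8")).hexdigest()


def pg_md5_response(stored_hash: str, salt: bytes) -> str:
    """The client's answer to the challenge.

    Note the input: the *stored hash*, not the password. Whoever holds the
    pg_authid value can authenticate without ever learning the password.
    """
    if not stored_hash.startswith("md5") or len(salt) != 4:
        raise ValueError("expected an md5-prefixed hash and a 4-byte salt")
    inner_hex = stored_hash[3:]
    return "md5" + hashlib.md5(inner_hex.encode("ascii") + salt).hexdigest()


def server_verify(stored_hash: str, salt: bytes, response: str) -> bool:
    """Server side: recompute the expected reply from the stored hash and compare
    in constant time."""
    expected = pg_md5_response(stored_hash, salt)
    return hmac.compare_digest(expected, response)


def fresh_salt() -> bytes:
    """What a real server does per connection: a new random 4-byte salt."""
    return os.urandom(4)


def client_login(password: str, username: str, stored_hash: str, salt: bytes) -> bool:
    """An honest client: derives its reply from the password it knows."""
    response = pg_md5_response(pg_md5_stored_hash(password, username), salt)
    return server_verify(stored_hash, salt, response)


def demo() -> dict:
    """Run the exchange in the four situations a practitioner cares about."""
    user, password = "backup", "correct horse"        # constructed sample credentials
    stored = pg_md5_stored_hash(password, user)       # what a pg_authid dump reveals
    salt_a, salt_b = b"\x01\x02\x03\x04", b"\x0a\x0b\x0c\x0d"  # fixed for reproducibility
    captured = pg_md5_response(stored, salt_a)        # a reply sniffed from one session

    return {
        # Normal login with the right and the wrong password.
        "correct_password": client_login(password, user, stored, salt_a),
        "wrong_password": client_login("wrong", user, stored, salt_a),
        # Collisions do not help an attacker here; he needs the exact reply for
        # this salt. But the stored hash by itself is enough to produce it:
        "hash_only_attacker": server_verify(stored, salt_b, pg_md5_response(stored, salt_b)),
        # A fresh salt per connection defeats straight replay of a captured reply:
        "replay_under_new_salt": server_verify(stored, salt_b, captured),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:>22}: {'accepted' if outcome else 'rejected'}")
```

Two properties of the stored form are worth noticing when reading the code: password and username are concatenated with no separator, so `pg_md5_stored_hash("ab", "c")` equals `pg_md5_stored_hash("a", "bc")`, and because the only salt is the public username, an attacker with a dump can precompute a dictionary per role name. Neither is a collision attack; both are reasons the thread's instinct to move to something stronger than a bare hash was the right one.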

