[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security

To: ietf-sasl@xxxxxxx
Subject: Re: Security
From: "Frank Ellermann" <nobody@xxxxxxxxxxxxxxxxx>
Date: Wed, 13 Aug 2008 21:33:16 +0200
List-archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-id: <ietf-sasl.imc.org>
List-unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
Organization: <http://purl.net/xyzzy>
References: <ldvlki6dqqu.fsf@xxxxxxxxxxxxxxxxxxxxxxxxxx><45F856F1.2B56@xxxxxxxxxxxxxxxxx><19A01BBB-9BF4-4D49-8B2A-AA911B93EF7C@xxxxxxxxx><87y732a7dc.fsf@xxxxxxxxxxxxxxxxxxx><57EA1E30-54A9-4E13-98CC-944EE79AC633@xxxxxxxxx><87proe6sxm.fsf@xxxxxxxxxxxxxxxxxxx> <tslej4thudg.fsf@xxxxxxx><g7v27j$8ti$1@xxxxxxxxxxxxx> <tsl7iakhk9v.fsf@xxxxxxx> <2FC8F872D7B3F342B2777A39E7F3E6BB08FBD2DA5B@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: "Frank Ellermann" <hmdmhdfmhdjmzdtjmzdtzktdkztdjz@xxxxxxxxx>
Sender: owner-ietf-sasl@xxxxxxxxxxxx

Paul Leach wrote:

> Use of iterated hashes to make computation of the key
> from the password take a few hundred milliseconds really
> makes a difference -- that's what PBKDF2 does.

I recently looked into the documentation of an old tool
creating such tables.  It didn't address the question of
the cumulative effect of milliseconds, but I was very
impressed by the cumulative effects of "increase the set
of potential input characters".

The math is trivial, but I never saw the consequences of
say one GB vs. 700 GB, or one day vs. 1000 days, before.  

The larger numbers were for some proper subset of ASCII,
the smaller numbers were for upper case ASCII letters.

I think the draft is clear wrt this attack, but we could
try to make it clearer:

 Sending a response to an attacker for a challenge chosen
 by this attacker will - for most choices of a plausible
 password - reveal this password.  The mere use of TLS
 does not remove this attack vector.

Frank

References:
- WG Last Call: draft-ietf-sasl-crammd5-08.txt
  - From: Tom Yu
- Security (was: WG Last Call: draft-ietf-sasl-crammd5-08.txt)
  - From: Frank Ellermann
- Re: Security (was: WG Last Call: draft-ietf-sasl-crammd5-08.txt)
  - From: Kurt Zeilenga
- Re: Security
  - From: Simon Josefsson
- Re: Security
  - From: Kurt Zeilenga
- Re: Security
  - From: Simon Josefsson
- Re: Security
  - From: Sam Hartman
- Re: Security
  - From: Frank Ellermann
- Re: Security
  - From: Sam Hartman
- RE: Security
  - From: Paul Leach

Prev by Date: Re: Random data
Previous by thread: RE: Security
Next by thread: Alternative password SASL authentication mechanims
Index(es):
- Date
- Thread