Date: Wed, 7 Jul 1999 17:21:15 +0200
From: Eivind Eklund
To: Peter Wemm
Cc: Kris Kennaway, security@FreeBSD.ORG
Subject: Re: Improved libcrypt ready for testing
Message-ID: <19990707172115.D44021@bitbox.follo.net>
In-Reply-To: <19990706175814.3A9CE78@overcee.netplex.com.au>

On Wed, Jul 07, 1999 at 01:58:14AM +0800, Peter Wemm wrote:
> Kris Kennaway wrote:
> > On Tue, 6 Jul 1999, Peter Wemm wrote:
> >
> > > I'd strongly suggest encoding the number of rounds as well, ie:
> > > $token$salt$rounds$password
> >
> > For the two algorithms which currently support variable rounds, it's
> > already encoded into the password:
> >
> > $Blowfish$xy$ following the OpenBSD format (xy = log2 rounds)
> > , and
> >
> > _ for New-DES. ( encoded as a base-64 binary value).
>
> Say... you wouldn't like to implement an NT-style password hash, would you?
> *NOT* the LAN-Manager (LAN-damager?) hash with the 2 chunks of 7 characters
> weak method that gets decoded in what seems like seconds according to
> bugtraq. The NT hash is 128 character etc. It's also unicode and not case
> sensitive, but that shouldn't be a problem to implement.
>
> The reason I ask is that there are a number of protocols that have this
> embedded in them, including PPP's MS-CHAP and SMB.

If we want to support protocol-embedded authentication data properly, we need
at least the ability to store several different types of hashes for each user
in the password file, and the ability to store clear-text passwords.

We should also, IMO, be switching our default password file format to SRP or
similar - something that allows challenges against it without being the
cleartext.

Eivind.
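The exchange above turns on the stored hash field being self-describing: the algorithm token and the round count travel with the hash, so crypt(3) knows how much work to do and an administrator can see which entries are weak. The following is an added example, not code from this thread or from FreeBSD's libcrypt: a small Python parser for the layouts named above (BSDi extended "New-DES" with its 4-character little-endian base-64 round count, OpenBSD Blowfish where the two digits are log2 of the rounds, traditional 13-character DES with its fixed 25 rounds, and Peter's proposed generic `$token$salt$rounds$hash` layout) plus an audit pass over a password file. Assumptions: the `$Blowfish$` token is treated like the real `$2a$` prefix, the generic layout is assumed to write rounds in decimal, the `$hypo$` token and the 1000-round threshold are arbitrary, and all sample entries are constructed filler, not real digests.

```python
# Added example: parse the self-describing crypt(3) hash formats discussed in
# the thread and report algorithm, salt and encoded round count, so a password
# file can be audited for weak hash types or low iteration counts.
# Not code from the thread or from FreeBSD's libcrypt.

# crypt(3) base-64 alphabet (./0-9A-Za-z); note this is not the MIME alphabet.
_CRYPT64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

# Real bcrypt identifiers plus the "$Blowfish$" spelling used in the thread.
_BCRYPT_TOKENS = {"2", "2a", "2b", "2y", "Blowfish"}


def crypt64_to_int(chars):
    """Decode a crypt base-64 number, least significant character first
    (the order BSDi extended DES uses for its 24-bit round count)."""
    value = 0
    for i, c in enumerate(chars):
        idx = _CRYPT64.find(c)
        if idx < 0:
            raise ValueError("invalid crypt base-64 character %r" % c)
        value |= idx << (6 * i)
    return value


def describe_hash(field):
    """Return {'algorithm', 'rounds', 'salt'} for one password-file hash field.

    Recognised layouts:
      _CCCCSSSShhhhhhhhhhh       BSDi extended DES ("New-DES"): 4 chars of
                                 rounds, 4 chars of salt, 11 chars of hash
      $2a$NN$<22 salt><31 hash>  OpenBSD Blowfish; NN is log2 of the rounds
      $Blowfish$NN$...           same, using the token spelled in the thread
      SShhhhhhhhhhh              traditional DES: 2 char salt, always 25 rounds
      $token$salt$rounds$hash    the generic layout proposed in the thread;
                                 this example assumes rounds is decimal
    'rounds' is None for locked accounts ("*", "!") and 0 for an empty field.
    """
    if field == "":
        return {"algorithm": "empty", "rounds": 0, "salt": ""}
    if field in ("*", "!"):
        return {"algorithm": "locked", "rounds": None, "salt": ""}
    if field.startswith("_") and len(field) == 20:
        return {"algorithm": "extended-des",
                "rounds": crypt64_to_int(field[1:5]), "salt": field[5:9]}
    if field.startswith("$"):
        parts = field.split("$")  # parts[0] is '' (text before the first '$')
        token = parts[1]
        if token in _BCRYPT_TOKENS and len(parts) == 4:
            return {"algorithm": "bcrypt", "rounds": 2 ** int(parts[2]),
                    "salt": parts[3][:22]}
        if len(parts) == 5:
            return {"algorithm": token, "rounds": int(parts[3]), "salt": parts[2]}
        raise ValueError("unrecognised modular-crypt field %r" % field)
    if len(field) == 13 and all(c in _CRYPT64 for c in field):
        return {"algorithm": "des", "rounds": 25, "salt": field[:2]}
    raise ValueError("unrecognised hash field %r" % field)


def audit_passwd(text, min_rounds):
    """Return (user, algorithm, reason) for every entry whose hash field is
    unparseable, empty, or encodes fewer than min_rounds rounds."""
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        user, field = line.split(":", 2)[:2]
        try:
            info = describe_hash(field)
        except ValueError as exc:
            findings.append((user, "unknown", str(exc)))
            continue
        if info["rounds"] is None:
            continue  # locked account: nothing to verify against
        if info["rounds"] < min_rounds:
            findings.append((user, info["algorithm"],
                             "%d rounds < %d" % (info["rounds"], min_rounds)))
    return findings


# Constructed sample entries; the hash characters are filler, not real digests.
SAMPLE_PASSWD = """\
alice:_J9..ABCDefghijklmno:1001:1001:Alice:/home/alice:/bin/sh
bob:$2a$12$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234:1002:1002:Bob:/home/bob:/bin/sh
carol:abJnggxhB/yWI:1003:1003:Carol:/home/carol:/bin/sh
dave:$Blowfish$08$abcdefghijklmnopqrstuvABCDEFGHIJKLMNOPQRSTUVWXYZ01234:1004:1004:Dave:/home/dave:/bin/sh
erin:$hypo$zz$1000$0123456789abcdef:1005:1005:Erin:/home/erin:/bin/sh
frank:*:1006:1006:Frank:/home/frank:/sbin/nologin
"""

if __name__ == "__main__":
    # Flags alice (725 rounds), carol (25) and dave (2^8 = 256); bob (2^12)
    # and erin (1000) pass; frank is locked and skipped.
    for user, alg, reason in audit_passwd(SAMPLE_PASSWD, min_rounds=1000):
        print("%-6s %-13s %s" % (user, alg, reason))
```

The `_J9..` prefix decodes to 725, the default extended-DES round count, which shows why the count has to be read back from the field rather than assumed: a hash made with a different setting would otherwise verify against the wrong number of iterations. For Blowfish the field stores the exponent, so a one-digit change in `xy` doubles or halves the work factor, and an audit like the one above makes such low-cost entries visible without touching the hashes themselves.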