From owner-freebsd-security Sun Jan 14 0:44:35 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id CDE1D37B400 for ; Sun, 14 Jan 2001 00:44:15 -0800 (PST)
Received: from rfx-64-6-211-149.users.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Sun, 14 Jan 2001 00:42:26 -0800
Received: (from cjc@localhost) by rfx-64-6-211-149.users.reflexcom.com (8.11.1/8.11.0) id f0E8iAl34886 for freebsd-security@FreeBSD.ORG; Sun, 14 Jan 2001 00:44:10 -0800 (PST) (envelope-from cjc)
Date: Sat, 13 Jan 2001 23:31:18 -0800
From: "Crist J. Clark"
To: Frank Tobin
Subject: Re: opinions on password policies
Message-ID: <20010113233118.L97980@rfx-64-6-211-149.users.reflexco>
Reply-To: cjclark@alum.mit.edu
References: <20010113165021.I97980@rfx-64-6-211-149.users.reflexco>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: ; from ftobin@uiuc.edu on Sat, Jan 13, 2001 at 11:24:36PM -0600
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Sat, Jan 13, 2001 at 11:24:36PM -0600, Frank Tobin wrote:
> Crist J. Clark, at 16:50 -0800 on Sat, 13 Jan 2001, wrote:
>
> > I am not sure I understand your argument here. In your system, how does
> > the _user_ authenticate himself? Biometrics? HW token? Smart card?
> > Really, no passwords?
>
> Public-key authentications exist in implementations such as ssh RSA
> authentication. In general, they involve the user signing or decrypting
> certain data.

Humans do not do public key cryptography, computers do. At least, I know
few humans who could remember a cryptographically strong public key.

At least I can't remember something like,

153577658214885982509493316841098473892501830956676294035988312022114505660826045244490395172085104588411442247269415386765186973514047249009914161471637107944525338519920746658247945778928907782278534009232496672474969492175492146365230659408831159099408128303250608450538695130852047344349476932104716348461

And I the private key... Well, I wouldn't want to post something like
that, and I wouldn't want to memorize it.

The question arises, how do you protect the keys? With passwords of
course.

Where did the original poster say anything about network logins? So, back
to my original question, how does the _user_ authenticate himself when he
sits down at the workstation? Biometrics? HW token? Smart card? Really, no
passwords?

> Peter Chiu is correct in stating that there is a central point of
> vulnerability when it comes to using public key authentication. Of
> course, the user is under no obligation to use the same keypair for all
> systems used. Also, the decision of how many sites the user uses a
> particular keypair for, and whether or not to encrypt the keypair locally
> is entirely up to the user (a good thing).
>
> One key idea is to leave the strength of the security as much up to the
> user as possible. With passwords, however, the user has to worry about
> both ends being compromised (his end, and the server's end);

Again, who said anything about network logins?

> if the
> server is compromised, and his password gotten, this might be used against
> him other places. With public-key authentication, he only has to worry
> about his end; if the server's end is compromised, the user's security is
> compromised little.

This has nothing to do with the question originally asked about choosing
good passwords. If a server is compromised, a good password is stolen just
as easily as a bad one.

--
Crist J. Clark                                cjclark@alum.mit.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
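The thread above describes public-key login as the user "signing or decrypting certain data", notes that the keypair itself is protected with a password, and argues that a compromised server holding only public keys leaks little. The Go program below is an added example, not code from the thread or from ssh: it wraps an Ed25519 private key under a passphrase (PBKDF2-HMAC-SHA256 written out by hand, since the Go standard library has no PBKDF2, then AES-256-GCM) and runs one challenge-response login in which the server stores nothing but the public key. Ed25519, the iteration count and the passphrase strings are this example's own choices, not anything the message specifies; the 2001 ssh RSA scheme the message mentions used different primitives.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// kdfIters is a constructed value for the example; real deployments tune it to hardware.
const kdfIters = 50000

// SealedKey is the at-rest form of the private key: ciphertext under a
// passphrase-derived key plus the public parameters needed to re-derive it.
type SealedKey struct {
	Salt, Nonce, Ciphertext []byte
}

// deriveKey is PBKDF2-HMAC-SHA256 (RFC 8018) for a single 32-byte block.
func deriveKey(passphrase, salt []byte, iters int) []byte {
	m := hmac.New(sha256.New, passphrase)
	prf := func(data []byte) []byte {
		m.Reset()
		m.Write(data)
		return m.Sum(nil)
	}
	// U1 = PRF(salt || INT(1)); Ui = PRF(Ui-1); T1 = U1 xor ... xor Un.
	u := prf(append(append([]byte{}, salt...), 0, 0, 0, 1))
	t := append([]byte{}, u...)
	for i := 1; i < iters; i++ {
		u = prf(u)
		for j := range t {
			t[j] ^= u[j]
		}
	}
	return t
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// GenerateKeypair makes a fresh Ed25519 keypair for the user.
func GenerateKeypair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}

// SealPrivateKey is what "protect the keys with passwords" means in practice:
// the key is encrypted under the passphrase, and the passphrase never leaves the client.
func SealPrivateKey(priv ed25519.PrivateKey, passphrase string) (SealedKey, error) {
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return SealedKey{}, err
	}
	gcm, err := newGCM(deriveKey([]byte(passphrase), salt, kdfIters))
	if err != nil {
		return SealedKey{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return SealedKey{}, err
	}
	return SealedKey{Salt: salt, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, priv, nil)}, nil
}

// OpenPrivateKey re-derives the wrapping key and decrypts; a wrong passphrase
// fails GCM authentication instead of yielding garbage key bytes.
func OpenPrivateKey(s SealedKey, passphrase string) (ed25519.PrivateKey, error) {
	gcm, err := newGCM(deriveKey([]byte(passphrase), s.Salt, kdfIters))
	if err != nil {
		return nil, err
	}
	pt, err := gcm.Open(nil, s.Nonce, s.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("wrong passphrase or corrupted key file")
	}
	return ed25519.PrivateKey(pt), nil
}

// NewChallenge is the server side: a fresh random nonce per login attempt,
// so a captured response cannot be replayed against a later challenge.
func NewChallenge() ([]byte, error) {
	c := make([]byte, 32)
	_, err := rand.Read(c)
	return c, err
}

// Respond is the client side: unlock the key locally and sign the challenge.
func Respond(s SealedKey, passphrase string, challenge []byte) ([]byte, error) {
	priv, err := OpenPrivateKey(s, passphrase)
	if err != nil {
		return nil, err
	}
	return ed25519.Sign(priv, challenge), nil
}

// Verify is the server side again: it holds only the public key, so a leak of
// its user database gives an attacker nothing to reuse at other sites.
func Verify(pub ed25519.PublicKey, challenge, sig []byte) bool {
	return ed25519.Verify(pub, challenge, sig)
}

func main() {
	pub, priv, _ := GenerateKeypair()
	sealed, _ := SealPrivateKey(priv, "constructed passphrase")
	ch, _ := NewChallenge()
	sig, err := Respond(sealed, "constructed passphrase", ch)
	fmt.Println("login with right passphrase accepted:", err == nil && Verify(pub, ch, sig))
	_, err = Respond(sealed, "wrong passphrase", ch)
	fmt.Println("login with wrong passphrase:", err)
}
```

Note that the passphrase is only ever an input to the client-side key derivation: the server never sees it, which is the asymmetry the message contrasts with plain password login, where the same secret is checked at both ends.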