From owner-freebsd-current Mon Feb 17 6:50:50 2003 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8D95D37B401 for ; Mon, 17 Feb 2003 06:50:45 -0800 (PST) Received: from jawa.at (inforum.at [213.229.17.146]) by mx1.FreeBSD.org (Postfix) with ESMTP id 375C543F85 for ; Mon, 17 Feb 2003 06:50:44 -0800 (PST) (envelope-from mbretter@jawa.at) Received: from jawa.at (worf.jawa.at [192.168.201.12]) by jawa.at (8.12.6/8.12.6) with ESMTP id h1HEoX07027565; Mon, 17 Feb 2003 15:50:34 +0100 (CET) (envelope-from mbretter@jawa.at) Message-ID: <3E50F66D.1090804@jawa.at> Date: Mon, 17 Feb 2003 15:49:17 +0100 From: Michael Bretterklieber User-Agent: Mozilla/5.0 (X11; U; Linux i386; de-AT; rv:1.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-current@freebsd.org Cc: bugat-chat@bugat.at, Archie Cobbs Subject: NT MD4 password hash as new password encryption method for FreeBSD Content-Type: multipart/mixed; boundary="------------090704040802080706060608" X-Virus-Scanned: by amavisd-milter (http://amavis.org/) X-Spam-Status: No, hits=-0.8 required=5.0 tests=SPAM_PHRASE_01_02,USER_AGENT,USER_AGENT_MOZILLA_UA, X_ACCEPT_LANG version=2.43 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This is a multi-part message in MIME format. --------------090704040802080706060608 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Hi, This is a simple proposal to add support for NT MD4 password hashes to crypt(3). NT MD4 password hashes are more insecure than the standard FreeBSD MD5 based password crypt or the much more stronger blowfish based encryption. Why are you/we so nut to use NT password hashes? The answer is very simple: If you like to authenticate dialin users (ppp, pptp) with CHAP you need the plaintext password on the server and therefore its not possible to store the passwords in the systems master.passwd. Using PAP is a bad idea, because the passwords are transmitted as plaintext over the net. MS-CHAP solves this problem by using hashed passwords (md4). With MS-CHAP and our modification to crypt(3) its not longer necessary to store plaintext secrets on your server! But we think there are many more advantages: 1. Only one user database (password can easily changed by the user himself). 2. MS-CHAP can used, without storing the plaintext passwords on the server. 3. SAMBA can modified to use directly the master.passwd and not his own smbpasswd. 4. Samba can use NIS for encrypted passwords on FreeBSD. Disadvantages: 1. No salt is used, users with same passwords have the same hash The attached patches implements this as new password type $3 and it can be configured via login.conf (:passwd_format=nth:). Patches for MPD, SAMBA and (soon) for PPP can be found here: http://www.bugat.at/projekte/nthash4freebsd.ihtml bye, -- ------------------------------- ------------------------------------- Michael Bretterklieber - Michael.Bretterklieber@jawa.at JAWA Management Software GmbH - http://www.jawa.at Liebenauer Hauptstr. 200 -------------- privat --------------- A-8041 GRAZ GSM: ++43-(0)676-93 96 698 Tel: ++43-(0)316-403274-12 E-mail: michael@bretterklieber.com Fax: ++43-(0)316-403274-10 http://www.bretterklieber.com ------------------------------- ------------------------------------- "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 --------------090704040802080706060608 Content-Type: text/plain; name="libcrypt.diff" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="libcrypt.diff" diff -u libcrypt_orig/Makefile libcrypt/Makefile --- libcrypt_orig/Makefile Fri Jan 17 19:11:12 2003 +++ libcrypt/Makefile Fri Jan 17 18:55:22 2003 @@ -6,9 +6,10 @@ LIB= crypt .PATH: ${.CURDIR}/../libmd -SRCS= crypt.c crypt-md5.c md5c.c misc.c +SRCS= crypt.c crypt-nthash.c crypt-md5.c md5c.c misc.c MAN= crypt.3 MLINKS= crypt.3 crypt_get_format.3 crypt.3 crypt_set_format.3 +LDADD+= -lmd CFLAGS+= -I${.CURDIR}/../libmd -I${.CURDIR}/../libutil CFLAGS+= -DLIBC_SCCS -Wall # Pull in the crypt-des.c source, assuming it is present. Only in libcrypt: crypt-nthash.c diff -u libcrypt_orig/crypt.c libcrypt/crypt.c --- libcrypt_orig/crypt.c Fri Jan 17 19:11:06 2003 +++ libcrypt/crypt.c Fri Jan 17 18:14:04 2003 @@ -62,6 +62,11 @@ }, #endif { + "nth", + crypt_nthash, + "$3" + }, + { NULL, NULL } diff -u libcrypt_orig/crypt.h libcrypt/crypt.h --- libcrypt_orig/crypt.h Fri Jan 17 19:11:08 2003 +++ libcrypt/crypt.h Fri Jan 17 18:14:30 2003 @@ -33,6 +33,7 @@ char *crypt_des(const char *pw, const char *salt); char *crypt_md5(const char *pw, const char *salt); char *crypt_blowfish(const char *pw, const char *salt); +char *crypt_nthash(const char *pw, const char *salt); extern void _crypt_to64(char *s, unsigned long v, int n); --------------090704040802080706060608 Content-Type: text/plain; name="crypt-nthash.c" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="crypt-nthash.c" /* * ---------------------------------------------------------------------------- * "THE BEER-WARE LICENSE" (Revision 42): * wrote this file. As long as you retain this notice you * can do whatever you want with this stuff. If we meet some day, and you think * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp * ---------------------------------------------------------------------------- * * $FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.5.2.1 2001/05/24 12:20:02 markm Exp $ * */ #if defined(LIBC_SCCS) && !defined(lint) static const char rcsid[] = \ "$FreeBSD: src/lib/libcrypt/crypt-md5.c,v 1.5.2.1 2001/05/24 12:20:02 markm Exp $"; #endif /* LIBC_SCCS and not lint */ #include #include #include #include #include #include #include #include "crypt.h" #define MD4_SIZE 16 /* * NT HASH = md4(str2unicode(pw)) */ char *crypt_nthash(pw, salt) const char *pw; const char *salt; { int unipwLen; static char *magic = "$3$"; static char passwd[120]; u_int16_t unipw[128]; u_char final[32 + 1]; const char *s; MD4_CTX ctx; /* convert to unicode (thanx Archie) */ for (unipwLen = 0, s = pw; unipwLen < sizeof(unipw) / 2 && *s; s++) unipw[unipwLen++] = htons(*s << 8); /* Compute MD4 of Unicode password */ MD4Init(&ctx); MD4Update(&ctx, (u_char *) unipw, unipwLen * sizeof(*unipw)); MD4End(&ctx, final); strcpy(passwd, magic); strcat(passwd, "$"); strncat(passwd, final, 32); /* Don't leave anything around in vm they could use. */ memset(final, 0, sizeof final); return passwd; } int main(void) { char *pw; pw = crypt_nthash("MyPw", ""); printf("NT-Hash: %s\n", pw); printf("Expected:%s\n", "$3$$FC156AF7EDCD6C0EDDE3337D427F4EAC"); exit (0); } --------------090704040802080706060608-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message