From owner-freebsd-security@FreeBSD.ORG Tue Oct 5 06:29:22 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B6C9E16A4CE for ; Tue, 5 Oct 2004 06:29:22 +0000 (GMT) Received: from smtp15.wxs.nl (smtp15.wxs.nl [195.121.6.54]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2A9A143D55 for ; Tue, 5 Oct 2004 06:29:22 +0000 (GMT) (envelope-from freebsd@akruijff.dds.nl) Received: from kruij557.speed.planet.nl (ipd50a97ba.speed.planet.nl [213.10.151.186]) by smtp15.wxs.nl (iPlanet Messaging Server 5.2 HotFix 1.25 (built Mar 3 2004)) with ESMTP id <0I5300HJXM0WUL@smtp15.wxs.nl> for freebsd-security@freebsd.org; Tue, 05 Oct 2004 08:29:21 +0200 (CEST) Received: from alex.lan (localhost [127.0.0.1]) by kruij557.speed.planet.nl (8.12.10/8.12.10) with ESMTP id i956TKMP001765; Tue, 05 Oct 2004 08:29:20 +0200 Received: (from akruijff@localhost) by alex.lan (8.12.10/8.12.10/Submit) id i956TJaB001764; Tue, 05 Oct 2004 08:29:19 +0200 Content-return: prohibited Date: Tue, 05 Oct 2004 08:29:19 +0200 From: Alex de Kruijff In-reply-to: <20040928090551.GA1800@orion.daedalusnetworks.priv> To: Giorgos Keramidas Message-id: <20041005062919.GE917@alex.lan> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT Content-disposition: inline User-Agent: Mutt/1.4.2.1i References: <20011107211316.A7830@nomad.lets.net> <20040925140242.GB78219@gothmog.gr> <41575DFC.9020206@wadham.ox.ac.uk> <20040927091710.GC914@orion.daedalusnetworks.priv> <41582024.2080205@wadham.ox.ac.uk> <20040928090551.GA1800@orion.daedalusnetworks.priv> X-Authentication-warning: alex.lan: akruijff set sender to freebsd@akruijff.dds.nl using -f cc: freebsd-security@freebsd.org cc: Colin Percival Subject: Re: compare-by-hash (was Re: sharing /etc/passwd) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Oct 2004 06:29:22 -0000 On Tue, Sep 28, 2004 at 12:05:51PM +0300, Giorgos Keramidas wrote: > On 2004-09-27 07:13, Colin Percival wrote: > > Giorgos Keramidas wrote: > > >Increasing the number of bits the hash key uses will decrease the > > >possibility of a collision but never eliminate it entirely, AFAICT. > > > > How small does a chance of error need to be before you're willing to > > ignore it? > > That's a good question. I'm not sure I have a definitive answer, but > the possibility of a collision is indeed scary. Especially since I > haven't seen a study of the real probability of a collition is, given > the fact that passwords aren't (normally) random binary data but a > much smaller subset of the universe being hashed. I could be wrong but arn't hash values more random dan anything a user can in put. > > If an appropriately strong hash is used (eg, SHA1), then the probability > > of obtaining an incorrect /etc/*pwd.db with a correct hash is much > > smaller than the probability of a random incorrect password being > > accepted. Remember, passwords are stored by their MD5 hashes, so a > > random password has a 2^(-128) chance of working. > > I was probably being unreasonably paranoid about 'modified' passwords > that don't get detected as modified, but what you describe is also > true. You could simply scp these few files afther the rsync. There's files aren't that large. -- Alex Articles based on solutions that I use: http://www.kruijff.org/alex/FreeBSD/