Date: Mon, 26 Feb 1996 07:51:06 -0800 (PST)
From: "az.com" <yankee@anna.az.com>
To: Ollivier Robert <roberto@keltia.freenix.fr>
Cc: Ng Pheng Siong <ngps@cbn.com.sg>, james@teamos2.org, rashid@rk.ios.com, taob@io.org, freebsd-security@FreeBSD.ORG
Subject: Re: Informing users of cracked passwords?
Message-ID: <Pine.BSF.3.91.960226071728.2045A-100000@anna.az.com>
In-Reply-To: <199602260747.IAA05354@keltia.freenix.fr>
Perhaps it would be a nice project to try to upgrade FreeBSD's password authentication and add an option which would move it away from the host and onto a separate system, and also allow it to check for qualified passwords. The system's design would make it impossible in any way for even the owner of the authentication server to know what the real or encrypted versions of the passwords were. (The first idea is similar to cisco TACACS or XYLOGICS Annex's ACP_PASSWD; the second idea is mine (or undoubtedly someone else's too?).)

This system would be a 'drop-in replacement' like kerberos that would go a step further and offer a super-huge DES-like key that 'could not' be decrypted by any future supercomputer. It would use an encrypted handshaking scheme, a moving time synchronization scheme, and even a unique mutating algorithm scheme that would make it immune to sniffing and hacking of all kinds. The changing algorithm(s) and/or the flavors in use on any particular password entry would, again, not be viewable by even the owner of the authentication server. This system might require a chip on the authentication server used to randomly select the encryption formats and handshaking keys in case someone broke open and physically read the server's media, although I think something pretty good could be designed in software with enough effort.

I realize this idea is in left field and does not follow the single-system model, but for bigger organizations who can afford a separate system, it should at least be added to unix as an alternative to the shadow password file and the get-password-entry routines, etc. I know that similar things already exist, but I know of no 'drop-in replacement' like this that can go right into a running unix system like kerberos or nis, etc.
In addition, it would be nice if a set of special additional changing keys were granted by the server that could be used for things like optionally decrypting/encrypting all data read from or written to the file systems for a particular UID.

On Mon, 26 Feb 1996, Ollivier Robert wrote:

> It seems that Ng Pheng Siong said:
> >
> > I believe ANLpasswd is an improvement on that.
>
> Except that it does not support shadowing schemes. I had to hack it to
> support Sun's /etc/security/*.adjunct files. The same has to be done to
> support /etc/master.passwd and the new fields in it.
> --
> Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.frmug.fr.net
> FreeBSD keltia.freenix.fr 2.2-CURRENT #1: Tue Feb 20 01:16:51 MET 1996
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960226071728.2045A-100000>