[Zope-dev] Salt-weakness in zope.app.authentication passwordmanagers?
Uli Fouquet
uli at gnufix.de
Sat Jan 17 17:15:19 EST 2009
Hi Dan,
thanks for your quick response.
Dan Korostelev wrote:
> Yeah, that's definetely a mistake! The hash needs to be generated
> using both salt and password.
>
> Also, I saw a technique when you generate a hash using double hashing,
> like this: sha(sha(password) + salt).hexdigest(). It looks even more
> secure :)
Hm, not sure. Building the hash of a hash doesn't give a more equal
distribution, does it? Therefore it doesn't look 'more secure' to me.
A dictionary-attacker could simply generate the list of hashes by using
hash(hash(dict_entry)) instead of hash(dict_entry). That wouldn't cost
much.
A brute force-attacker would also have no extra-work, because a hashed
'password' is as difficult to crack as hashed 'hash(password)' in
brute-force-attacks.
I might be wrong here.
Using a better hash-algorithm instead, as Shane proposed, could really
improve security IMHO. At least it should be supported by the standard
password managers in zope.app.authentication.
> BTW, to fix it, we need to remember about migration of already stored
> hashes. I guess zope.app.generations will do the job.
Yep, that's important and could cause trouble. Already stored passwords
could become invalid if we don't care for them and this could also be a
problem with generations, as here not only pure code would be concerned
but also data stored in the configuration.
Best regards,
--
Uli
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://mail.zope.org/pipermail/zope-dev/attachments/20090117/17584ce2/attachment.bin
More information about the Zope-Dev
mailing list