[prog] web authentication

Almut Behrens almut-behrens at gmx.net
Fri Nov 11 07:47:27 EST 2005


On Wed, Nov 09, 2005 at 11:40:36PM +0000, Caroline Johnston wrote:
>  Think I'll try setting up https for the login page
> and SHA hashing on the password in the DB.

Hi Cass,

I know I'm a little late... but just wanted to say that this is a wise
decision :)  Using https for login is always superior to using any of
those "one-way hashing" techniques you first had in mind -- in several
respects.

Of course, they're far better than sending plaintext passwords across
the net -- 'cos that's what they effectively avoid.  However, the
problem with these approaches is (as you've correctly identified) that
the server and the user on the client-side always need to share some
secret, so the same hashing computations can be performed on both
sides.  AFAIK, there's no way around that.

IOW, they're OK as long as you can make sure those secrets/passwords
are locked down securely on the server. Or the security level you're
trying to achieve isn't too high.  Or you can't under any circumstances
do https for some reason.

Note that you could, of course, store nothing but the passwords' hashes
server-side, and then have the browser compute[1]

  MD5(challenge, MD5(password))

to compare the result against

  MD5(challenge, hashed_passw)
  
server-side.  But that wouldn't help you at all, as in that case
the hashed_passw would become the secret...  'cos anyone who knows that
hashed_passw could easily gain access -- simply by leaving out the
inner MD5(password) computation, and doing MD5(challenge, hashed_passw)
right away, just as the server does.

Also, a more general issue with those approaches is that Javascript
would need to be enabled in the browser, which you don't always want to
make a prerequisite for being able to log in...

Cheers,
Almut

[1] for anyone wondering how that's done: there are Javascript libraries
for MD5, SHA1,...  e.g. http://pajhome.org.uk/crypt/md5/index.html
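The challenge-response scheme from the message above, written out as an added example (not code from the post or from the pajhome library): both sides' computations, plus the check that a party holding only hashed_passw produces the same response as an honest browser, which is why the stored hash becomes the secret. It assumes MD5(a, b) means MD5 of the concatenation a||b with hex-encoded intermediate digests; MD5 is used only because the post does.

```python
import hashlib
import secrets


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def server_store_password(password: str) -> str:
    """Server keeps only MD5(password), i.e. hashed_passw, not the password."""
    return md5_hex(password.encode())


def server_issue_challenge() -> str:
    """Fresh random nonce per login attempt; reusing it would allow replay."""
    return secrets.token_hex(16)


def client_response(challenge: str, password: str) -> str:
    """Honest browser: MD5(challenge, MD5(password)) from the typed password."""
    inner = md5_hex(password.encode())
    return md5_hex((challenge + inner).encode())


def server_expected(challenge: str, hashed_passw: str) -> str:
    """Server side: MD5(challenge, hashed_passw) computed from the stored hash."""
    return md5_hex((challenge + hashed_passw).encode())


def server_verify(challenge: str, hashed_passw: str, response: str) -> bool:
    return secrets.compare_digest(server_expected(challenge, hashed_passw), response)


def response_from_hash_only(challenge: str, hashed_passw: str) -> str:
    """The post's point: knowing hashed_passw alone, skip the inner MD5 and
    compute exactly what the server computes. The server cannot tell the two apart."""
    return md5_hex((challenge + hashed_passw).encode())


def demo(password: str = "constructed-sample-password") -> tuple:
    """Returns (honest login accepted, hash-only login accepted, replay accepted)."""
    stored = server_store_password(password)
    ch1 = server_issue_challenge()
    honest = server_verify(ch1, stored, client_response(ch1, password))
    from_hash = server_verify(ch1, stored, response_from_hash_only(ch1, stored))
    ch2 = server_issue_challenge()
    replay = server_verify(ch2, stored, client_response(ch1, password))
    return honest, from_hash, replay


if __name__ == "__main__":
    print(demo())  # (True, True, False)
```

The first two results being equal is the whole argument: with this scheme the hash in the DB is as sensitive as the password itself, so it gives no protection against a database compromise, only against a passive network observer.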