Date: Mon, 19 Apr 1999 17:07:28 -0400
Reply-To: "Steven M. Bellovin" <smb@RESEARCH.ATT.COM>
From: "Steven M. Bellovin" <smb@RESEARCH.ATT.COM>
X-To: Phillip Vandry <vandry@mlink.net>
To: BUGTRAQ@NETSPACE.ORG

In message <199904191510.LAA03916@Iodine.Mlink.NET>, Phillip Vandry writes:

>> First, plain text passwords are being used in places where they need not
>> be. For example the recent post about the Real Media server storing
>> plain text passwords. There is no reason for the server to store
>> plain text passwords. It can store a hash and authenticate users
>> against the hash.
>
> It's the old PAP versus CHAP debate. *YES*, there is reason for the
> realmedia server to store the password in plaintext (although it
> should still obfuscate it to prevent accidental viewing). I always
> like to compare the types of PPP authentication to show this:
>
> Method    Client      Wire        Server
> ------    ---------   ---------   ---------
> PAP       Clear       Clear       Encrypted
> CHAP      Clear       Encrypted   Clear
>
> And I don't think we can do better than that. We can encrypt at only one
> stage of the process. We have to make a tradeoff.

It's certainly possible to do better -- there's a whole family of protocols
that do that. See, for example,
http://www.research.att.com/~smb/papers/aeke.ps (or .pdf), which gives
encrypted on the wire and at the server. (The predecessor paper is
http://www.research.att.com/~smb/papers/neke.ps) There are related
protocols by others.
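The PAP-versus-CHAP tradeoff in the quoted table, as an added example that is not part of the original thread: a toy PAP verifier that keeps only a salted hash (so the password crosses the wire in clear) beside a toy CHAP verifier that keeps the secret itself (so only a digest crosses the wire). The function names and the sample secret are my own constructions; the CHAP response follows the RFC 1994 layout MD5(id || secret || challenge).

```python
# Added example, not code from the Bugtraq thread. Models the table's
# "Client / Wire / Server" columns for PAP and CHAP. Names are constructed.
import hashlib
import hmac
import os

# --- PAP (RFC 1334): the password itself crosses the wire, but the server
# only needs a salted hash, so a server-side leak does not yield the password.
def pap_enroll(password: bytes, salt: bytes = b"") -> tuple:
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password, salt, 100_000)

def pap_verify(stored: tuple, password_on_wire: bytes) -> bool:
    salt, digest = stored
    cand = hashlib.pbkdf2_hmac("sha256", password_on_wire, salt, 100_000)
    return hmac.compare_digest(digest, cand)

# --- CHAP (RFC 1994): only MD5(id || secret || challenge) crosses the wire,
# but the server must hold the secret in clear to recompute that value.
def chap_response(ident: int, secret: bytes, challenge: bytes) -> bytes:
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

def chap_verify(stored_secret: bytes, ident: int, challenge: bytes,
                response: bytes) -> bool:
    expected = chap_response(ident, stored_secret, challenge)
    return hmac.compare_digest(expected, response)

def demo() -> dict:
    password = b"correct horse"            # constructed sample secret
    # PAP: wire carries the password, server stores a hash.
    pap_store = pap_enroll(password)
    pap_wire = password
    # CHAP: wire carries a digest, server stores the secret in clear.
    ident, challenge = 7, os.urandom(16)
    chap_wire = chap_response(ident, password, challenge)
    # A CHAP server that kept only a hash of the secret could not verify.
    hashed_only = hashlib.sha256(password).digest()
    return {
        "pap_ok": pap_verify(pap_store, pap_wire),
        "pap_wire_has_plaintext": pap_wire == password,
        "pap_server_has_plaintext": any(x == password for x in pap_store),
        "chap_ok": chap_verify(password, ident, challenge, chap_wire),
        "chap_wire_has_plaintext": chap_wire == password,
        "chap_with_hash_only": chap_verify(hashed_only, ident, challenge,
                                           chap_wire),
    }
```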