[Opensim-dev] open sim UUID and Passwordhash

Dr Scofield DrScofield at xyzzyxyzzy.net
Fri Oct 16 15:20:27 UTC 2009 

Alan M Webb wrote:
> 
> If everyone is really concerned about security, then perhaps we should
> stop using MD5?

;-) who's going to tell the LL clients that?

	cheers,
	DrS/dirk


> 
> Best regards
> Alan
> -------------------
> T.J. Watson Research Center, Hawthorne, NY
> 1-914-784-7286
> alan_webb at us.ibm.com
> 
> 
> From: 	"Frisby, Adam" <adam at deepthink.com.au>
> To: 	"opensim-dev at lists.berlios.de" <opensim-dev at lists.berlios.de>
> Date: 	10/16/2009 09:06 AM
> Subject: 	Re: [Opensim-dev] open sim UUID and Passwordhash
> 
> 
> ------------------------------------------------------------------------
> 
> 
> 
> Just because other software may do it wrong does not mean it is secure.
>  
> Drupal using a plain MD5 is alarming – since it allows for very quick
> plain lookups in existing databases (no need to calculate the dictionary
> + permuation with your fixed salt). Storing a custom salt for each user
> is essential if you wish to make dictionary attacks significantly more
> expensive. (Actually it also allows for plain collision attacks too.)
>  
> Consider this case:
> ·         Calculate Every Permutation of the Dictionary plus a couple of
> common modifications, plus your fixed salt. (this will get ~80%+ of user
> passwords).
> Versus
> ·         Do the above, but for each user – since the salt is changing
> per user.
>  
> The second will take ‘n’ times longer to calculate (where N is
> equivalent to the size of your database), it also works in the inverse –
> if you have a 10 million user database, it means you need 1/10millionth
> of the time to try calculate a valid hit. It adds up. Bigtime.
>  
> A unique hash for the whole application helps against global world-wide
> MD5 databases, but it still does not help the above situation.
>  
> Frankly the storage and transmission size arguments are complete bunk.
> We are talking 128-bits extra data per user for a good salt which adds
> up to about ‘jack shit’ when summed over the lifetime of the
> application. It takes very little extra time, and we already stuff that
> data into our default database schemas.
>  
> Likewise, having a long salt versus a short salt makes very little
> difference – because it’s the uniqueness that counts (see the two cases
> above.)
>  
> Short summary of the above: Do it if you have any desire to follow good
> security practices with your users. It takes almost no extra time and
> gives you appreciable benefits.
>  
> Adam
>  
> *From:* opensim-dev-bounces at lists.berlios.de
> [mailto:opensim-dev-bounces at lists.berlios.de] *On Behalf Of *Impalah
> Shenzhou*
> Sent:* Friday, 16 October 2009 4:37 AM*
> To:* opensim-dev at lists.berlios.de*
> Subject:* Re: [Opensim-dev] open sim UUID and Passwordhash
>  
> Thanks for the info Melanie.
> 
> Adam, I consider Drupal, for example, a CMS with a decent security and
> it only uses md5(plain_password) to store user passwords. Some php
> frameworks (for example Code Igniter, Cake php...) use, but not
> mandatory, an unique hash for all the application.
> 
> A random hash for every user improves security, you're right, but
> increases the data sent between DB and servers for every authentication.
> I prefer not to overload data transmission for something I think is
> overprotection. Maybe for 10 or 100 users there won't be no problems,
> but think on 10000 and each byte will count (they aren't cheap).
> 
> If you have a long, secret and unique hash for your servers, who can
> make an effective attack to you (at least in reasonable time)?
> 
> Maybe the difference could be that Drupal used to be deployed over
> Apache, and it can be protected against dictionary attacks activating
> some modules, while Opensim/UGAIM are servers "per se", basic servers.
> 
> It's my opinion, if you don't like it, I have more :-P
> 
> Greetings
> 
> 2009/10/16 Frisby, Adam <_adam at deepthink.com.au_
> <mailto:adam at deepthink.com.au>>
> A long fixed salt doesn’t help over the simple “:” in any practical way.
> The salt *must* be unique for each user for decent security.
>  
> Adam
>  
> *From:* _opensim-dev-bounces at lists.berlios.de_
> <mailto:opensim-dev-bounces at lists.berlios.de>
> [mailto:_opensim-dev-bounces at lists.berlios.de_
> <mailto:opensim-dev-bounces at lists.berlios.de>] *On Behalf Of *Impalah
> Shenzhou*
> Sent:* Friday, 16 October 2009 3:44 AM
> *
> To:* _opensim-dev at lists.berlios.de_ <mailto:opensim-dev at lists.berlios.de>*
> Subject:* Re: [Opensim-dev] open sim UUID and Passwordhash
>  
> This comes from UserManagerBase.AddUser (0.6.6):
> 
> string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(password) + ":" +
> String.Empty);
> 
> The salt should be where String.Empty is.
> 
> I think it doesn't change in the most recent versions, so the "create
> user" method of the console (both standalone and ugaim) are unsecure by
> default.
> 
> 
> Anyway, I agree with Melanie and Adam that the salt is needed for
> improving security, if not a random salt every time you create an user,
> at least a long and secret unique salt.
> 
> Greetings
> 
> 2009/10/16 Frisby, Adam <_adam at deepthink.com.au_
> <mailto:adam at deepthink.com.au>>
> +1 to Melanie, that code is *not* secure. It is salted with a ":" but
> that's a fixed known salt.
> 
> This is what I suggest:
> 
> $passwordSalt = md5(time() . utime() . mt_rand(0,mt_getrandmax())); //
> or any other good random source
> $passwordHash = md5(md5($password) . ':' . $passwordSalt);
> 
> $passwordSalt should be unique among your database (very likely with the
> above code); if there are duplicates, then it allows dictionary attacks
> to be done, the more duplicates, the more effective it is.
> 
> Adam
> 
>> -----Original Message-----
>> From: _opensim-dev-bounces at lists.berlios.de_
> <mailto:opensim-dev-bounces at lists.berlios.de> [mailto:_opensim-dev-_
> <mailto:opensim-dev->
>> _bounces at lists.berlios.de_ <mailto:bounces at lists.berlios.de>] On
> Behalf Of Melanie
>> Sent: Thursday, 15 October 2009 4:14 PM
>> To: _opensim-dev at lists.berlios.de_ <mailto:opensim-dev at lists.berlios.de>
>> Subject: Re: [Opensim-dev] open sim UUID and Passwordhash
>>
>> Please don't use that code. It creates unsalted hashes, which are
>> not secure.
>> The "" should be a ranndom salt, stored in the passwordSalt field in
>> the DB. If that is blank, you're running a very insecure system
>>
>>
>> Melanie
>>
>>
>> Rich White wrote:
>> > here is the PHP code - $password_hash = md5(md5($password) . ":"
>> ."");
>> >
>> > an md5 hash of an md5 hash
>> >
>> > =====
>> >
>> > 2009/10/15 Márcio Cardoso <_marciomaiden at gmail.com_
> <mailto:marciomaiden at gmail.com>>:
>> >> Good night,
>> >>
>> >> will be possible that someone could help me with 2 problems I have?
>> I'm
>> >> trying to create a stored procedure in mysql to add users, but do
>> not know
>> >> how UUID  is generated. anyone have any idea how this happens?
>> Another
>> >> problem is how is the encoding of the password.
>> >>
>> >> The ideal was to have access to the code that  opensim uses to add
>> avatars.
>> >> but I got tired of looking and nothing. I thank you for your help.
>> >>
>> >> Greetings,
>> >>
>> >> Márcio Cardoso
>> >>
>> >> _______________________________________________
>> >> Opensim-dev mailing list
>> >> _Opensim-dev at lists.berlios.de_ <mailto:Opensim-dev at lists.berlios.de>
>> >> _https://lists.berlios.de/mailman/listinfo/opensim-dev_
>> >>
>> >>
>> > _______________________________________________
>> > Opensim-dev mailing list
>> > _Opensim-dev at lists.berlios.de_ <mailto:Opensim-dev at lists.berlios.de>
>> > _https://lists.berlios.de/mailman/listinfo/opensim-dev_
>>
>> _______________________________________________
>> Opensim-dev mailing list
>> _Opensim-dev at lists.berlios.de_ <mailto:Opensim-dev at lists.berlios.de>
>> _https://lists.berlios.de/mailman/listinfo/opensim-dev_
> _______________________________________________
> Opensim-dev mailing list_
> __Opensim-dev at lists.berlios.de_ <mailto:Opensim-dev at lists.berlios.de>_
> __https://lists.berlios.de/mailman/listinfo/opensim-dev_
>  
> 
> _______________________________________________
> Opensim-dev mailing list_
> __Opensim-dev at lists.berlios.de_ <mailto:Opensim-dev at lists.berlios.de>_
> __https://lists.berlios.de/mailman/listinfo/opensim-dev_
>  _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev


-- 
dr dirk husemann ---- virtual worlds research ---- ibm zurich research lab
SL: dr scofield ---- drscofield at xyzzyxyzzy.net ---- http://xyzzyxyzzy.net/
RL: hud at zurich.ibm.com - +41 44 724 8573 - http://www.zurich.ibm.com/~hud/

More information about the Opensim-dev mailing list