[Opensim-dev] open sim UUID and Passwordhash

Impalah Shenzhou impalah at gmail.com
Fri Oct 16 17:04:00 UTC 2009 

I can't refuse your arguments about this kind of security, they sound good
for me, except that the extra data are bigger than 128 bit: actually is a
string in database.
I suppose it will be improved in the future.

Thanks for the complete explanation, Adam.


2009/10/16 Frisby, Adam <adam at deepthink.com.au>

>  Just because other software may do it wrong does not mean it is secure.
>
>
>
> Drupal using a plain MD5 is alarming – since it allows for very quick plain
> lookups in existing databases (no need to calculate the dictionary +
> permuation with your fixed salt). Storing a custom salt for each user is
> essential if you wish to make dictionary attacks significantly more
> expensive. (Actually it also allows for plain collision attacks too.)
>
>
>
> Consider this case:
>
> ·         Calculate Every Permutation of the Dictionary plus a couple of
> common modifications, plus your fixed salt. (this will get ~80%+ of user
> passwords).
>
> Versus
>
> ·         Do the above, but for each user – since the salt is changing per
> user.
>
>
>
> The second will take ‘n’ times longer to calculate (where N is equivalent
> to the size of your database), it also works in the inverse – if you have a
> 10 million user database, it means you need 1/10millionth of the time to try
> calculate a valid hit. It adds up. Bigtime.
>
>
>
> A unique hash for the whole application helps against global world-wide MD5
> databases, but it still does not help the above situation.
>
>
>
> Frankly the storage and transmission size arguments are complete bunk. We
> are talking 128-bits extra data per user for a good salt which adds up to
> about ‘jack shit’ when summed over the lifetime of the application. It takes
> very little extra time, and we already stuff that data into our default
> database schemas.
>
>
>
> Likewise, having a long salt versus a short salt makes very little
> difference – because it’s the uniqueness that counts (see the two cases
> above.)
>
>
>
> Short summary of the above: Do it if you have any desire to follow good
> security practices with your users. It takes almost no extra time and gives
> you appreciable benefits.
>
>
>
> Adam
>
>
>
> *From:* opensim-dev-bounces at lists.berlios.de [mailto:
> opensim-dev-bounces at lists.berlios.de] *On Behalf Of *Impalah Shenzhou
> *Sent:* Friday, 16 October 2009 4:37 AM
>
> *To:* opensim-dev at lists.berlios.de
> *Subject:* Re: [Opensim-dev] open sim UUID and Passwordhash
>
>
>
> Thanks for the info Melanie.
>
> Adam, I consider Drupal, for example, a CMS with a decent security and it
> only uses md5(plain_password) to store user passwords. Some php frameworks
> (for example Code Igniter, Cake php...) use, but not mandatory, an unique
> hash for all the application.
>
> A random hash for every user improves security, you're right, but increases
> the data sent between DB and servers for every authentication. I prefer not
> to overload data transmission for something I think is overprotection. Maybe
> for 10 or 100 users there won't be no problems, but think on 10000 and each
> byte will count (they aren't cheap).
>
> If you have a long, secret and unique hash for your servers, who can make
> an effective attack to you (at least in reasonable time)?
>
> Maybe the difference could be that Drupal used to be deployed over Apache,
> and it can be protected against dictionary attacks activating some modules,
> while Opensim/UGAIM are servers "per se", basic servers.
>
> It's my opinion, if you don't like it, I have more :-P
>
> Greetings
>
>  2009/10/16 Frisby, Adam <adam at deepthink.com.au>
>
> A long fixed salt doesn’t help over the simple “:” in any practical way.
> The salt *must* be unique for each user for decent security.
>
>
>
> Adam
>
>
>
> *From:* opensim-dev-bounces at lists.berlios.de [mailto:
> opensim-dev-bounces at lists.berlios.de] *On Behalf Of *Impalah Shenzhou
> *Sent:* Friday, 16 October 2009 3:44 AM
>
>
> *To:* opensim-dev at lists.berlios.de
> *Subject:* Re: [Opensim-dev] open sim UUID and Passwordhash
>
>
>
> This comes from UserManagerBase.AddUser (0.6.6):
>
> string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(password) + ":" +
> String.Empty);
>
> The salt should be where String.Empty is.
>
> I think it doesn't change in the most recent versions, so the "create user"
> method of the console (both standalone and ugaim) are unsecure by default.
>
>
> Anyway, I agree with Melanie and Adam that the salt is needed for improving
> security, if not a random salt every time you create an user, at least a
> long and secret unique salt.
>
> Greetings
>
>  2009/10/16 Frisby, Adam <adam at deepthink.com.au>
>
> +1 to Melanie, that code is *not* secure. It is salted with a ":" but
> that's a fixed known salt.
>
> This is what I suggest:
>
> $passwordSalt = md5(time() . utime() . mt_rand(0,mt_getrandmax())); // or
> any other good random source
> $passwordHash = md5(md5($password) . ':' . $passwordSalt);
>
> $passwordSalt should be unique among your database (very likely with the
> above code); if there are duplicates, then it allows dictionary attacks to
> be done, the more duplicates, the more effective it is.
>
> Adam
>
>
> > -----Original Message-----
> > From: opensim-dev-bounces at lists.berlios.de [mailto:opensim-dev-
> > bounces at lists.berlios.de] On Behalf Of Melanie
> > Sent: Thursday, 15 October 2009 4:14 PM
> > To: opensim-dev at lists.berlios.de
> > Subject: Re: [Opensim-dev] open sim UUID and Passwordhash
> >
> > Please don't use that code. It creates unsalted hashes, which are
> > not secure.
> > The "" should be a ranndom salt, stored in the passwordSalt field in
> > the DB. If that is blank, you're running a very insecure system
> >
> >
> > Melanie
> >
> >
> > Rich White wrote:
> > > here is the PHP code - $password_hash = md5(md5($password) . ":"
> > ."");
> > >
> > > an md5 hash of an md5 hash
> > >
> > > =====
> > >
> > > 2009/10/15 Márcio Cardoso <marciomaiden at gmail.com>:
> > >> Good night,
> > >>
> > >> will be possible that someone could help me with 2 problems I have?
> > I'm
> > >> trying to create a stored procedure in mysql to add users, but do
> > not know
> > >> how UUID  is generated. anyone have any idea how this happens?
> > Another
> > >> problem is how is the encoding of the password.
> > >>
> > >> The ideal was to have access to the code that  opensim uses to add
> > avatars.
> > >> but I got tired of looking and nothing. I thank you for your help.
> > >>
> > >> Greetings,
> > >>
> > >> Márcio Cardoso
> > >>
> > >> _______________________________________________
> > >> Opensim-dev mailing list
> > >> Opensim-dev at lists.berlios.de
> > >> https://lists.berlios.de/mailman/listinfo/opensim-dev
> > >>
> > >>
> > > _______________________________________________
> > > Opensim-dev mailing list
> > > Opensim-dev at lists.berlios.de
> > > https://lists.berlios.de/mailman/listinfo/opensim-dev
> >
> > _______________________________________________
> > Opensim-dev mailing list
> > Opensim-dev at lists.berlios.de
> > https://lists.berlios.de/mailman/listinfo/opensim-dev
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
>
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
>
> _______________________________________________
> Opensim-dev mailing list
> Opensim-dev at lists.berlios.de
> https://lists.berlios.de/mailman/listinfo/opensim-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://opensimulator.org/pipermail/opensim-dev/attachments/20091016/ac619f63/attachment-0001.html>

More information about the Opensim-dev mailing list