Re: [Cfrg] 答复: Re: [saag] New draft: Hashed Password Exchange
"Igoe, Kevin M." <kmigoe@nsa.gov> Fri, 03 February 2012 14:08 UTC
Return-Path: <kmigoe@nsa.gov>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AC7C21F85CE for <cfrg@ietfa.amsl.com>; Fri, 3 Feb 2012 06:08:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.951
X-Spam-Level:
X-Spam-Status: No, score=-2.951 tagged_above=-999 required=5 tests=[AWL=-3.647, BAYES_00=-2.599, CHARSET_FARAWAY_HEADER=3.2, MIME_8BIT_HEADER=0.3, MIME_CHARSET_FARAWAY=2.45, RCVD_IN_DNSWL_MED=-4, SARE_SUB_ENC_GB2312=1.345]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kRjzd9ve6KHf for <cfrg@ietfa.amsl.com>; Fri, 3 Feb 2012 06:08:03 -0800 (PST)
Received: from msux-gh1-uea01.nsa.gov (msux-gh1-uea01.nsa.gov [63.239.65.39]) by ietfa.amsl.com (Postfix) with ESMTP id 6638221F8535 for <cfrg@irtf.org>; Fri, 3 Feb 2012 06:08:03 -0800 (PST)
Received: from MSCS-GH1-UEA02.corp.nsa.gov (localhost [127.0.0.1]) by msux-gh1-uea01.nsa.gov (8.12.10/8.12.10) with ESMTP id q13E81ni029912; Fri, 3 Feb 2012 14:08:01 GMT
Received: from MSIS-GH1-UEA06.corp.nsa.gov ([10.215.228.137]) by MSCS-GH1-UEA02.corp.nsa.gov with Microsoft SMTPSVC(6.0.3790.3959); Fri, 3 Feb 2012 09:08:01 -0500
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="gb2312"
Content-Transfer-Encoding: quoted-printable
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Fri, 03 Feb 2012 09:08:01 -0500
Message-ID: <80F9AC969A517A4DA0DE3E7CF74CC1BB425BAD@MSIS-GH1-UEA06.corp.nsa.gov>
In-Reply-To: <CB4F1C7B.A594%uri@ll.mit.edu>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Cfrg] 答复: Re: [saag] New draft: Hashed Password Exchange
Thread-Index: AczhKtX/OtNEbfTsTlGGOKbUr1guRABTl2iA
References: <1872CE9C-C36C-4E76-90A5-59271631610B@qualcomm.com> <CB4F1C7B.A594%uri@ll.mit.edu>
From: "Igoe, Kevin M." <kmigoe@nsa.gov>
To: "Blumenthal, Uri - 0668 - MITLL" <uri@ll.mit.edu>, cfrg@irtf.org
X-OriginalArrivalTime: 03 Feb 2012 14:08:01.0545 (UTC) FILETIME=[3D60DF90:01CCE27D]
Subject: Re: [Cfrg] 答复: Re: [saag] New draft: Hashed Password Exchange
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Feb 2012 14:08:04 -0000
Applying a function to a random variable can never increase its entopy. See chapter 2 of Cover & Thomas' "Elements of Information Theory", exercise 5, which shows that for any function g and random variable X in the domain of g, H( g(X) ) <= H(X) (where H(Z) = the entropy of a random variable Z). In our case g is a hash function, X is the original password and g(X) is the hash of the password. Then a hashed password cannot have more entropy than the original password and may in fact have less entropy. > -----Original Message----- > From: cfrg-bounces@irtf.org [mailto:cfrg-bounces@irtf.org] On Behalf Of > Blumenthal, Uri - 0668 - MITLL > Sent: Wednesday, February 01, 2012 4:46 PM > To: cfrg@irtf.org > Subject: Re: [Cfrg] 答复: Re: [saag] New draft: Hashed Password > Exchange > > On 2/1/12 12:11 , "Rose, Greg" <ggr@qualcomm.com> wrote: > > >On 2012 Feb 1, at 0:13 , <zhou.sujing@zte.com.cn> > ><zhou.sujing@zte.com.cn> wrote: > >> Since passwords are often not too long, and not so random, it is > better > >> to hash it before using it as a key in a HMAC. > > > >I'm afraid this is a fallacy. While it will be longer, and will look > >random, there is exactly the same (lack of) entropy in a hashed weak > >password as there is in the original password. It's still vulnerable > to > >password search, although with a slightly increased workload due to > the > >(single) extra hash invocation. > > Concur 100%. > > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > http://www.irtf.org/mailman/listinfo/cfrg
- [Cfrg] New draft: Hashed Password Exchange Steven Bellovin
- Re: [Cfrg] [saag] New draft: Hashed Password Exch… Steven Bellovin
- Re: [Cfrg] [saag] New draft: Hashed Password Exch… Steven Bellovin
- Re: [Cfrg] [saag] New draft: Hashed Password Exch… Yaron Sheffer
- Re: [Cfrg] [saag] New draft: Hashed Password Exch… Blumenthal, Uri - 0668 - MITLL
- Re: [Cfrg] [saag] New draft: Hashed Password Exch… Dan Harkins
- [Cfrg] 答复: Re: [saag] New draft: Hashed Password … zhou.sujing
- [Cfrg] 答复: Re: [saag] New draft: Hashed Password … zhou.sujing
- Re: [Cfrg] 答复: Re: [saag] New draft: Hashed Passw… Blumenthal, Uri - 0668 - MITLL
- Re: [Cfrg] 答复: Re: [saag] New draft: Hashed Passw… Rose, Greg
- Re: [Cfrg] 答复: Re: [saag] New draft: Hashed Passw… Blumenthal, Uri - 0668 - MITLL
- [Cfrg] 答复: Re: 答复: Re: [saag] New draft: Hashed P… zhou.sujing
- Re: [Cfrg] ´ð¸´: Re: ´ð¸´: Re: [saag] New draft: … Dan Harkins
- Re: [Cfrg] ´ð¸´: Re: ´ð¸´: Re: [saag] New draft: … Steven Bellovin
- Re: [Cfrg] 答复: Re: [saag] New draft: Hashed Passw… Igoe, Kevin M.
- Re: [Cfrg] 答复: Re: [saag] New draft: Hashed Passw… Blumenthal, Uri - 0668 - MITLL
- Re: [Cfrg] ´ð¸´: Re: ´ð¸´: Re: [saag] New draft: … Henry B. Hotz
- Re: [Cfrg] [saag] New draft: Hashed Password Exch… Yaron Sheffer
- Re: [Cfrg] [saag] New draft: Hashed Password Exch… Steven Bellovin
- [Cfrg] 答复: Re: ´ð¸´: Re: ´ð¸´: Re: [saag] New dra… zhou.sujing
- Re: [Cfrg] 答复: Re: ´ð¸´: Re: ´ð¸´: Re: [saag] New… Steven Bellovin
- Re: [Cfrg] [saag] New draft: Hashed Password Exch… Steven Bellovin