Re: [Cfrg] [saag] New draft: Hashed Password Exchange

Steven Bellovin <smb@cs.columbia.edu> Wed, 04 January 2012 23:36 UTC

Return-Path: <smb@cs.columbia.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A764211E8135; Wed, 4 Jan 2012 15:36:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.599
X-Spam-Level:
X-Spam-Status: No, score=-4.599 tagged_above=-999 required=5 tests=[AWL=-2.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6CWQwAD6rYXz; Wed, 4 Jan 2012 15:36:38 -0800 (PST)
Received: from rambutan.cc.columbia.edu (rambutan.cc.columbia.edu [128.59.29.5]) by ietfa.amsl.com (Postfix) with ESMTP id B322611E8134; Wed, 4 Jan 2012 15:36:37 -0800 (PST)
Received: from [192.168.2.166] (74-92-112-54-Philadelphia.hfc.comcastbusiness.net [74.92.112.54]) (user=smb2132 mech=PLAIN bits=0) by rambutan.cc.columbia.edu (8.14.4/8.14.3) with ESMTP id q04NaY1C018521 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Wed, 4 Jan 2012 18:36:35 -0500 (EST)
Mime-Version: 1.0 (Apple Message framework v1251.1)
Content-Type: text/plain; charset=iso-8859-1
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <4F04DAA1.5050604@isi.edu>
Date: Wed, 4 Jan 2012 18:36:34 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <33E0B548-D141-48CA-86DC-F7E4EB1DEDD2@cs.columbia.edu>
References: <583849CD-D0AD-4792-8894-04598898BA0F@cs.columbia.edu> <4F04D0CD.9010807@isi.edu> <95A30BC1-F5F8-4937-AE41-08BF92B5BBB5@cs.columbia.edu> <4F04DAA1.5050604@isi.edu>
To: Joe Touch <touch@ISI.EDU>
X-Mailer: Apple Mail (2.1251.1)
X-No-Spam-Score: Local
X-Scanned-By: MIMEDefang 2.68 on 128.59.29.5
Cc: cfrg@irtf.org, saag@ietf.org
Subject: Re: [Cfrg] [saag] New draft: Hashed Password Exchange
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2012 23:36:38 -0000

Not with HMAC -- we do it all the time with, say, ESP-NULL.


On Jan 4, 2012, at 6:02 57PM, Joe Touch wrote:

> 
> 
> On 1/4/2012 2:56 PM, Steven Bellovin wrote:
>> Good point; let me think about it for -01.  An obvious solution is to send
>> the hostname with the effective password.
> 
> Yes, I considered that, but then you're sending cleartext that was part of the hash; I thought that was frowned upon...
> 
> Joe
> 
>> 
>> On Jan 4, 2012, at 5:21 01PM, Joe Touch wrote:
>> 
>>> Hi, Steve,
>>> 
>>> This doc doesn't appear to address the case where a host has multiple DNS names, which could make it difficult to incorporate the hostname into the transform. I.e., I could contact a mail server at an IP address that represents any of dozens of DNS names - how does the server know which one I used so it can match without exhaustively trying all its equivalent names?
>>> 
>>> Joe
>>> 
>>> On 1/4/2012 1:41 PM, Steven Bellovin wrote:
>>>> I'd appreciate comments on my new draft, draft-bellovin-hpw-00.txt:
>>>> 
>>>> Abstract
>>>> 
>>>>    Many systems (e.g., cryptographic protocols relying on symmetric
>>>>    cryptography) require that plaintext passwords be stored.  Given how
>>>>    often people reuse passwords on different systems, this poses a very
>>>>    serious risk if a single machine is compromised.  We propose a scheme
>>>>    to derive passwords limited to a single machine from a typed
>>>>    password, and explain how a protocol definition can specify this
>>>>    scheme.
>>>> 
>>>> 
>>>> 		--Steve Bellovin, https://www.cs.columbia.edu/~smb
>>>> 
>>>> 
>>>> 
>>>> 
>>>> 
>>>> _______________________________________________
>>>> saag mailing list
>>>> saag@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/saag
>>> 
>> 
>> 
>> 		--Steve Bellovin, https://www.cs.columbia.edu/~smb
>> 
>> 
>> 
>> 
>> 
> 


		--Steve Bellovin, https://www.cs.columbia.edu/~smb