[Ach] Fwd: E-Mail Protocol Security Measurements
Daniel Frank
ach-cert-at-87234 at danielfrank.net
Tue Jul 28 15:05:21 CEST 2015
On Tuesday, 28 July 2015, 13:21:30, Sebastian wrote:
> >> * a huge number of servers offer AUTH PLAIN (some without STARTTLS)
> >
> > Where do you see the problem (with STARTTLS)?
> >
> > ACH recommends AUTH PLAIN over STARTTLS and most other authentication
> > schemes require you to store the password rather than the hash.
>
> A hashed password over a secure channel is still safer than an
> unencrypted password on a secure channel. In case of vulnerabilities in
> the server's software or a successful MITM attack, Eve has the plain
> password. An encrypted pw is still useless.
That heavily depends on which attack you are talking about. A hashed
password on the line protects against attacks on the line, but pretty much
requires a cleartext password in a database on the server somewhere and
thus allows a successful attacker to walk out with a full dump of the
password database: hundreds, thousands, maybe millions of cleartext
passwords.
A hashed password on the server pretty much requires a cleartext
password on the line (hopefully through an encrypted channel...). In this
case (no matter if the attack is on the line) only the passwords that are
currently being used to login are directly in danger, which is only a subset
of the full dump.
If in doubt I'd vote for hashed password storage on the server, but it
depends on the attacks you want to protect against.
Best long term solution might be similar to what XMPP is slowly migrating
to: SCRAM... allows hashed password storage *and* hashed password on
the line.
Not sure if it has other shortcomings though.
Regards,
Daniel
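The SCRAM property the reply points to (hashed storage on the server and no password on the line) can be seen in the mechanism's key derivation; the following is an added illustration, not code from the thread or from any XMPP or mail implementation. It follows the SCRAM-SHA-256 construction from RFC 5802 / RFC 7677 but omits message framing, base64 and channel binding, and the AuthMessage strings, user name and password are constructed sample values.

```python
import hashlib
import hmac
import os

# SCRAM-SHA-256 core (structure of RFC 5802 / RFC 7677): message framing, base64
# and channel binding are omitted; all sample values below are constructed.
def hi(password: bytes, salt: bytes, iterations: int) -> bytes:
    """Hi() in RFC 5802 is PBKDF2 with HMAC-SHA-256."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations)

def hmac256(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def server_enroll(password: bytes, iterations: int = 4096) -> dict:
    """Stored record: salt, iterations, StoredKey, ServerKey; password discarded."""
    salt = os.urandom(16)
    salted = hi(password, salt, iterations)
    return {"salt": salt, "iters": iterations,
            "stored_key": sha256(hmac256(salted, b"Client Key")),
            "server_key": hmac256(salted, b"Server Key")}

def client_proof(password: bytes, salt: bytes, iters: int, auth_msg: bytes) -> bytes:
    """On the wire: ClientProof = ClientKey XOR ClientSignature (bound to both nonces)."""
    client_key = hmac256(hi(password, salt, iters), b"Client Key")
    client_sig = hmac256(sha256(client_key), auth_msg)
    return xor(client_key, client_sig)

def server_verify(record: dict, auth_msg: bytes, proof: bytes) -> bool:
    """Recover ClientKey from the proof; H(ClientKey) must equal StoredKey.
    A stolen StoredKey alone does not yield ClientKey, so it cannot forge a proof."""
    client_sig = hmac256(record["stored_key"], auth_msg)
    client_key = xor(proof, client_sig)
    return hmac.compare_digest(sha256(client_key), record["stored_key"])

def demo() -> tuple:
    pw = b"correct horse battery staple"  # constructed sample password
    rec = server_enroll(pw)
    msg = b"n=alice,r=cnonce1,s=salt,i=4096,r=cnonce1snonce1"  # constructed AuthMessage
    proof = client_proof(pw, rec["salt"], rec["iters"], msg)
    ok = server_verify(rec, msg, proof)
    wrong_pw = server_verify(rec, msg, client_proof(b"guess", rec["salt"], rec["iters"], msg))
    replayed = server_verify(rec, b"n=alice,r=cnonce2,s=salt,i=4096,r=cnonce2snonce2", proof)
    return ok, wrong_pw, replayed
```

`demo()` returns `(True, False, False)`: the correct password verifies, a wrong one does not, and a proof captured from one exchange fails when the nonces change, while the server record never contains the password itself.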