
potential security holes in digest authorization

From: Brad Barber <bradb@geom.umn.edu>
Date: Fri, 14 Jul 1995 13:35:05 +0500
Message-Id: <v01510107ac2bd5721bb4@[199.3.133.216]>
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com

I'm glad to see that you are considering digest authorization 
for HTTP.  I noticed a few security holes that may be of
concern:

- the server's digest database of H(<username> : <realm> : <password>) should
receive highest security.  To the knowledgeable user, it is the same as 
storing passwords in the clear.  This is a weakness of the digest
method.  The passwd file in UNIX that is used for "basic" authorization
may be released without compromising strong passwords.

- the reuse of stale nonces is a convenience that allows a user to
act as another user.  The server should at least require that the return
IP address be the same as before.

- the <message-digest> places the nonce before the <message-body>.  
Cheswick & Bellovin '94 [Firewalls and Internet Security p.222]
report a security hole noticed by Tsudik '92 [IEEE Infocom].  They
recommend placing the nonce after the message. 

                                                    --Brad Barber



Brad Barber, 116 Fayerweather St., Cambridge MA 02138 
617-497-8876, barber@tiac.net, bradb@geom.umn.edu
Received on Friday, 14 July 1995 10:34:40 EDT
