W3C home > Mailing lists > Public > www-tag@w3.org > April 2008

Re: Summary of Responses to Passwords in the Clear from Web SCWorking Group

From: John Kemp <john.kemp@nokia.com>
Date: Thu, 10 Apr 2008 11:26:44 -0400
Message-ID: <47FE31B4.7030808@nokia.com>
To: ext Dan Connolly <connolly@w3.org>
CC: Marc de Graauw <marc@marcdegraauw.com>, "'David Orchard'" <dorchard@bea.com>, www-tag@w3.org


I think the concern expressed about use of digested passwords *without* 
SSL/TLS is that without SSL/TLS, a man-in-the-middle might intercept the 
digested value, and then (offline) run a brute-force dictionary attack 
on the digested value, in order to determine the plaintext by 
establishing a plaintext value for which the hashed value is the same as 
the intercepted one. One can argue as to whether this is a more or less 
feasible attack, but with SSL/TLS in place, it is not (currently) a 
possible attack.


- john

ext Dan Connolly wrote:
> On Thu, 2008-04-10 at 15:54 +0200, Marc de Graauw wrote:
>> Dan Connolly:
>> | > The bulk of Chris Drake's message:
>> | [... seems to be about dictionary attacks ...]
>> | 
>> | OK, but how is SSL not vulnerable to the same dictionary attacks?
>> SSL uses large random numbers to establish a session, Chris's argument is
>> against using hashes of non-random (even trivial) passwords.
> Digest uses a nonce similarly, no?
Received on Thursday, 10 April 2008 15:51:01 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 15:32:56 UTC