- From: David Jablon <dpj@world.std.com>
- Date: Wed, 17 Dec 1997 11:37:42 -0500
- To: "Phillip M. Hallam-Baker" <hallam@ai.mit.edu>, rlgray@us.ibm.com, HTTP Working Group <http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com>
At 10:14 PM 12/16/97 -0500, Phillip M. Hallam-Baker wrote: > 2) The purpose was to prevent the need to EVER send passwords > over the net in the clear, not to provide cast iron security. Regardless of the original purpose, cast-iron protection for authentication secrets seems quite important, especially in light of ... > The problem with BASIC is that pinheads chose the same password > for their Financial times subscription as their office computer account. > If I can snoop a companies external traffic for BASIC passwords I can > probably use this for an attack. Absolutely. Password reuse between weak and strong methods must be discouraged, as long as weak methods continue to be used. But memorized secrets remain important. > 3) It is astonishing how people will tolerate the incredibly broken (BASIC) > and simultaneously spend their time inventing new hoops for attempts to > provide a fix. I stopped adding whistles and bells when people told me > they were concerned about the difficulty of implementing it. > > 4) The idea of password based authentication is inherently flawed. If > one is going to use public key, certificates are the means to establish > identity. ... I disagree with the conclusion, which goes too far. Some password-based certificate-free methods work quite well. > ... Sending passwords to an untrustworthy server does not solve > the 'pinhead' problem. Sure, but you can verify a small password without exposing it to an untrustworthy party, even in digested form, using a stronger method. Clear-text and digest-style authentication are flawed, and it sure is discouraging that they are so widely deployed and used. This should motivate the deployment of stronger methods. The "pinhead" problem is that a PIN code is all that seems to fit in an average human head, and this code is small enough for brute force attack. Methods like SPEKE and EKE solve this problem w.r.t. the network. For example, these don't leak PIN-sized secrets to eavesdroppers. Memorized factors remain important for personal authentication, and a total dependence on stored keys and certificates unnecessarily weakens a system. The goal of replacing broken password methods with stronger password methods seems quite important. ------------------------------------ David Jablon Integrity Sciences, Inc. dpj@world.std.com <http://world.std.com/~dpj/>
Received on Wednesday, 17 December 1997 08:39:39 UTC