Re: Password Authentication from David P. Kemp on 1996-04-25 (ietf-tls@w3.org from April to June 1996)

From: David P. Kemp <dpkemp@missi.ncsc.mil>
Date: Thu, 25 Apr 1996 13:27:23 -0400
To: ietf-tls@w3.org
Message-Id: <199604251727.NAA18598@argon.ncsc.mil>

From: Dan Simon <dansimon@microsoft.com>
Date: Wed, 24 Apr 1996 12:50:49 -0700

>To me, the issue is not whether password authentication is weaker than
>authentication by certified asymmetric key; most everyone would agree
>that this is the case.  Unfortunately, for reasons ranging from
>established practice to portability issues to plain ignorance, many
>people will likely continue to use passwords for authentication for
>some time to come, whether protocol authors want them to or not.  The
>issue at hand is therefore whether password-based authentication must
>continue to be as weak as the encryption available (which is often, as
>we all know, woefully weak), or whether, by our protocol design
>choices, we can make the security of password authentication as strong
>as it can possibly be.

No matter how weak the encryption is (40 bits :-), passwords are always
going to be weaker.  How many people do you know who pick 8 character
passwords having even 24 bits of entropy?  If you rely on shared secret
passwords to establish encryption or MAC keys, the protocol design
has done nothing to strengthen anything but the perception of security.

On the other hand, if you use certificate authentication and 3DES
encryption at the Transport layer, then it may be perfectly acceptable
for many applications to use password authentication **at the application
layer** for finer-grained access control.

>Nobody advocates forcing people to use passwords (even if it were
>possible to do so).  The question is whether we can force them not to,
>and what to do given that we can't.

We can refuse to create an IETF-standard transport layer protocol that
allows password authentication.  If there is enough of a market, I'm
sure some enterprising company would introduce non-standard extensions
to allow 24 bit privacy, and another company would follow suit if they
felt competitive pressure to do so.  At that point, the IETF standard
might be updated to accommodate the sorry state of existing practice.

But I believe that it will soon be easier to generate and use
certificates than it will be to pick, remember, and type passwords.
"Build it, and they will come."

There are obviously strongly-held opinions on both sides.  I hope the
working group can establish rough consensus on this issue and include
the decision in the charter relatively quickly, to avoid prolonging
the debate.

Received on Thursday, 25 April 1996 13:27:32 UTC