Re: Seeking advice on security best practice

> 1. What are the main dangers associated with the use of hashed 
> credentials? Identity spoofing?

Hashing doesn't ensure a unique value, does it? So I presume in the 
backend there's some hash table that tracks state and deals with conflicts 
by trying some new hash. I thought the security properties of hashes were 
that it would be hard to find a second text that hashes to the same value. 
Not sure how hard it is to come up with something that hashes to some 
randomly useful identity. Seems like a danger to me, but ianac. 

> 2. Are there practical recipes to avoid the dangers (e.g. "encrypt the 
> client's IP address in the hashed credentials to ensure they cannot be 
> used by some other client"?)

Just encrypt the identity then. Be sure to avoid standard cryptographic 
mistakes, and protect against replay and changes. Oh wait, that's what that 
SSL does :-). 

> 3. Can we consider it a good practice? In some not-highly-sensitive 
> cases, e.g. for applications that use identity to personalize the 
> look-and-feel? Never?

Well if your security model is "nbd", then it sounds fine to me! But then, 
why use any cryptography at all? 

Received on Friday, 23 January 2009 13:56:18 UTC
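
The following is an added example, not part of the original message: a minimal sketch of an identity token that is protected against changes (keyed HMAC rather than a bare hash), bound to the client address from question 2, and protected against replay (expiry plus a single-use nonce). The names `issue`, `verify`, `SERVER_KEY` and the token layout are hypothetical, and single-use tokens with an in-memory replay cache are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

SERVER_KEY = secrets.token_bytes(32)  # assumption: secret known only to the server
_seen_nonces = set()                  # assumption: in-memory cache of accepted nonces


def _tag(body: str) -> str:
    # A keyed MAC: unlike a bare hash of the identity, it cannot be
    # recomputed by a client who does not hold SERVER_KEY.
    return hmac.new(SERVER_KEY, body.encode(), hashlib.sha256).hexdigest()


def issue(identity: str, client_ip: str, ttl: int = 300, now=None) -> str:
    """Return 'identity|ip|expiry|nonce|tag' for a single-use credential."""
    if "|" in identity or "|" in client_ip:
        raise ValueError("field separator not allowed in fields")
    now = time.time() if now is None else now
    nonce = secrets.token_hex(8)
    body = "|".join([identity, client_ip, str(int(now + ttl)), nonce])
    return body + "|" + _tag(body)


def verify(token: str, client_ip: str, now=None):
    """Return the identity, or None if altered, moved, expired or replayed."""
    now = time.time() if now is None else now
    body, _, tag = token.rpartition("|")
    # Check the MAC first, in constant time, before trusting any field.
    if not hmac.compare_digest(tag.encode(), _tag(body).encode()):
        return None                      # changed in transit or forged
    parts = body.split("|")
    if len(parts) != 4:
        return None
    identity, bound_ip, expiry, nonce = parts
    if bound_ip != client_ip:
        return None                      # presented by a different client
    if now > int(expiry):
        return None                      # too old
    if nonce in _seen_nonces:
        return None                      # replay of an accepted token
    _seen_nonces.add(nonce)
    return identity


if __name__ == "__main__":
    t = issue("alice", "192.0.2.10")       # constructed sample values
    print(verify(t, "192.0.2.10"))         # first use is accepted
    print(verify(t, "192.0.2.10"))         # second use is rejected as a replay
```

This protects the token itself; it does not replace transport protection such as the SSL mentioned in the reply, since a token sent in the clear can still be read and used once by whoever sees it first.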