- From: <noah_mendelsohn@us.ibm.com>
- Date: Thu, 10 Apr 2008 11:39:53 -0400
- To: Dan Connolly <connolly@w3.org>
- Cc: "'David Orchard'" <dorchard@bea.com>, Marc de Graauw <marc@marcdegraauw.com>, www-tag@w3.org
A probably naive question: I believe I'm correct that in the case of
digest, both the client code and the server code have, at the time the
password is established, access to the plain text of the password (I'm not
sure whether this is true in the case that the server stores hashed
passwords, but that's the reason for this question.) If it's easy for an
attacker to match on a huge range of simple passwords, e.g. by Google
searching, why can't a server do the same checks at the time a password is
first established, since presumably it has access to the same checking
tools as the hackers?
I'm sure this is a hopelessly naive question from someone who doesn't do
security as a day job, but I'd be curious for the answer. Most of the
concerns expressed about digest seem to boil down to: users will
inevitably pick simple passwords that are vulnerable to dictionary attack.
Can't the same dictionaries be used to disallow just those passwords?
Noah
--------------------------------------
Noah Mendelsohn
IBM Corporation
One Rogers Street
Cambridge, MA 02142
1-617-693-4036
--------------------------------------
Dan Connolly <connolly@w3.org>
Sent by: www-tag-request@w3.org
04/10/2008 11:11 AM
To: Marc de Graauw <marc@marcdegraauw.com>
cc: "'David Orchard'" <dorchard@bea.com>, www-tag@w3.org,
(bcc: Noah Mendelsohn/Cambridge/IBM)
Subject: RE: Summary of Responses to Passwords in the Clear from Web SC Working Group
On Thu, 2008-04-10 at 15:54 +0200, Marc de Graauw wrote:
> Dan Connolly:
>
> | > The bulk of Chris Drake's message:
> | [... seems to be about dictionary attacks ...]
> |
> | OK, but how is SSL not vulnerable to the same dictionary attacks?
>
> SSL uses large random numbers to establish a session, Chris's argument is
> against using hashes of non-random (even trivial) passwords.
Digest uses a nonce similarly, no?
--
Dan Connolly, W3C http://www.w3.org/People/Connolly/
gpg D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E
Received on Thursday, 10 April 2008 15:44:28 UTC
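Added example, not part of the thread above: a small Python script that shows both halves of the exchange. First, why the Digest nonce does not protect a weak password: the nonce, cnonce, realm, method and URI are all visible on the wire, so an attacker who captures one challenge/response can recompute the RFC 2617 response (qop=auth form) for every entry of a wordlist offline. Second, the check Noah asks about: at the moment the password is set the server has the plaintext (even if it only stores H(A1) afterwards), so it can run the same wordlist against it and refuse the password. The username, realm, nonce, cnonce and the six-entry wordlist are constructed for the example.

```python
import hashlib
import re
from typing import List, Optional


def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode("utf-8")).hexdigest()


def digest_ha1(username: str, realm: str, password: str) -> str:
    """H(A1) from RFC 2617. A Digest server may store this instead of the
    plaintext, but it is computed from the plaintext when the password is set."""
    return md5_hex(f"{username}:{realm}:{password}")


def digest_response(ha1: str, method: str, uri: str, nonce: str,
                    nc: str, cnonce: str, qop: str = "auth") -> str:
    """RFC 2617 response value for qop=auth."""
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


# Constructed wordlist standing in for the "huge range of simple passwords"
# an attacker can collect from the web.
WORDLIST = ["123456", "password", "qwerty", "letmein", "welcome", "monkey"]


def make_capture(password: str) -> dict:
    """Constructed challenge/response as an eavesdropper would see it.
    Everything except the password is on the wire; the nonce values are made up."""
    cap = dict(username="alice", realm="example.org", method="GET", uri="/private",
               nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", nc="00000001", cnonce="0a4f113b")
    ha1 = digest_ha1(cap["username"], cap["realm"], password)
    cap["response"] = digest_response(ha1, cap["method"], cap["uri"],
                                      cap["nonce"], cap["nc"], cap["cnonce"])
    return cap


def dictionary_attack(cap: dict, wordlist: List[str]) -> Optional[str]:
    """Offline guessing against one captured exchange. The nonce is known to the
    attacker, so it only fixes which response to match; each guess costs three MD5s."""
    for guess in wordlist:
        ha1 = digest_ha1(cap["username"], cap["realm"], guess)
        if digest_response(ha1, cap["method"], cap["uri"],
                           cap["nonce"], cap["nc"], cap["cnonce"]) == cap["response"]:
            return guess
    return None


def normalize(password: str) -> str:
    """Fold the cheap variants an attacker's wordlist rules would also try:
    case, and trailing digits/punctuation ('Letmein1!' -> 'letmein')."""
    return re.sub(r"[\d\W_]+$", "", password.lower())


def check_new_password(password: str, wordlist: List[str], min_len: int = 12) -> List[str]:
    """Server-side check at enrollment, while the plaintext is available.
    Returns the reasons for rejection; an empty list means accept."""
    problems = []
    if len(password) < min_len:
        problems.append(f"shorter than {min_len} characters")
    banned = {w.lower() for w in wordlist}
    if password.lower() in banned or normalize(password) in banned:
        problems.append("matches a common-password list")
    return problems


if __name__ == "__main__":
    print("recovered:", dictionary_attack(make_capture("letmein"), WORDLIST))
    print("recovered:", dictionary_attack(make_capture("correct-horse-battery-staple"), WORDLIST))
    print(check_new_password("Letmein1!", WORDLIST))
    print(check_new_password("correct-horse-battery-staple", WORDLIST))
```

The attack loop is exactly the server's own verification run with candidate passwords, which is why the same wordlist serves both sides. The `normalize` step is a minimal stand-in for the mangling rules real cracking tools apply; a production check would use a much larger list and more rules, and would still only stop passwords that are in the list.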