- From: John Kemp <john.kemp@nokia.com>
- Date: Thu, 10 Apr 2008 11:26:44 -0400
- To: ext Dan Connolly <connolly@w3.org>
- CC: Marc de Graauw <marc@marcdegraauw.com>, "'David Orchard'" <dorchard@bea.com>, www-tag@w3.org
Hi, I think the concern expressed about use of digested passwords *without* SSL/TLS is that without SSL/TLS, a man-in-the-middle might intercept the digested value, and then (offline) run a brute-force dictionary attack on the digested value, in order to determine the plaintext by establishing a plaintext value for which the hashed value is the same as the intercepted one. One can argue as to whether this is a more or less feasible attack, but with SSL/TLS in place, it is not (currently) a possible attack. Regards, - john ext Dan Connolly wrote: > On Thu, 2008-04-10 at 15:54 +0200, Marc de Graauw wrote: >> Dan Connolly: >> >> | > The bulk of Chris Drake's message: >> | [... seems to be about dictionary attacks ...] >> | >> | OK, but how is SSL not vulnerable to the same dictionary attacks? >> >> SSL uses large random numbers to establish a session, Chris's argument is >> against using hashes of non-random (even trivial) passwords. > > Digest uses a nonce similarly, no? > > >
Received on Thursday, 10 April 2008 15:51:01 UTC