- From: <noah_mendelsohn@us.ibm.com>
- Date: Fri, 2 May 2008 10:17:01 -0400
- To: "David Orchard" <orchard@pacificspirit.com>
- Cc: www-tag@w3.org
Dave: I took an action yesterday to review specifically your edits
dealing with digest authentication. I'm glad to see that you followed up
on the suggestion that digest may be acceptable when suitably strong
passwords are chosen. The quibble I have is that you specifically suggest
that only short alphanumeric strings can be cracked, and you imply that
longer alphanumeric strings are the answer. I think both of those are
questionable calls at best, and unnecessary to the essence of the point.
So, I suggest the following edits to your original:
<original>
The Digest method is subject to dictionary attacks when passwords are
short common alphanumeric strings. An attacker can easily compute the
digest for a large set of such common passwords then compare against the
transmitted message. This can be mitigated by the use of significantly
longer strings, but this is very rare practice on the web. The Digest
method is subject to man in the middle attacks because an intermediary can
degrade the quality of service to basic authentication.
</original>
<suggested>
The Digest method is subject to dictionary attacks, and must not be used
except in circumstances where passwords are known to be of sufficient
length and complexity to thwart such attacks. The sophistication and
power of dictionary-based exploits continues to increase; where before
such attacks targeted only short passwords using common terms, modern
approaches can be effective in "cracking" certain longer or more complex
passwords as well. Great care must therefore be taken if digest
authentication is to be used, and it should be noted that few systems in
common use on the Web today ensure the use of sufficiently strong
passwords. The Digest method is >also< subject to man in the middle
attacks because an intermediary can degrade the quality of service to be
>no better than that of< basic authentication.
</suggested>
I'm short on time at the moment, and I suspect that a bit of editorial
work would result in somewhat more appealing prose, but I think the
essence of the changes is important. Anyway, I believe this discharges my
action, and I will go into tracker and close it. Thank you.
Noah
--------------------------------------
Noah Mendelsohn
IBM Corporation
One Rogers Street
Cambridge, MA 02142
1-617-693-4036
--------------------------------------
"David Orchard" <orchard@pacificspirit.com>
Sent by: www-tag-request@w3.org
05/02/2008 09:19 AM
To: www-tag@w3.org
cc: (bcc: Noah Mendelsohn/Cambridge/IBM)
Subject: Updated passwordsInTheClear-52
Changes:
Added comments about digest authentication and use of strong passwords.
Previous changes
Updated abstract.
Changed SHOULD NOT send passwords in the clear to MUST NOT and related
text
Added information on Digest Authentication vulnerabilities and warning
Added SSL/TLS configuration warning.
http://www.w3.org/2001/tag/doc/passwordsInTheClear-52
http://www.w3.org/2001/tag/doc/passwordsInTheClear-52-20080501.html
Cheers,
Dave
Received on Friday, 2 May 2008 14:16:35 UTC
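The two weaknesses discussed in the thread, offline dictionary checking of a captured Digest exchange and the downgrade of a Digest challenge to Basic, can both be shown in a few lines. The following is an added example written for this page; it is not code from the email, from the TAG finding, or from any W3C project. It implements the RFC 2617 response computation in its original no-qop form (MD5 of HA1:nonce:HA2), a server-side verifier, and a client-side scheme chooser that refuses Basic unless the connection is over TLS. All sample values (username, realm, nonce, password, candidate list) are constructed for the example, and every function name is an assumption of this example, not an established API.

```python
import hashlib
import hmac

def _md5_hex(s: str) -> str:
    return hashlib.md5(s.encode("utf-8")).hexdigest()

def digest_response(username, realm, password, method, uri, nonce):
    """RFC 2617 Digest response without qop (the RFC 2069 form):
       HA1 = MD5(username:realm:password)
       HA2 = MD5(method:uri)
       response = MD5(HA1:nonce:HA2)
    Only the password is secret; every other input travels in the clear."""
    ha1 = _md5_hex(f"{username}:{realm}:{password}")
    ha2 = _md5_hex(f"{method}:{uri}")
    return _md5_hex(f"{ha1}:{nonce}:{ha2}")

def server_verify(stored_password, username, realm, method, uri, nonce, response):
    """What the origin server does with an Authorization: Digest header.
    Constant-time compare so the check itself does not leak anything."""
    expected = digest_response(username, realm, stored_password, method, uri, nonce)
    return hmac.compare_digest(expected, response)

def verify_capture(password, captured):
    """Run the server's own check against a captured exchange."""
    return server_verify(password, captured["username"], captured["realm"],
                         captured["method"], captured["uri"],
                         captured["nonce"], captured["response"])

def offline_matches(captured, candidate_passwords):
    """The point of the thread: the verifier needs nothing the eavesdropper
    lacks, so a captured exchange lets anyone test candidates offline.
    Returns the candidates that reproduce the captured response."""
    return [pw for pw in candidate_passwords if verify_capture(pw, captured)]

def choose_scheme(www_authenticate_headers, over_tls):
    """Client-side guard against the Digest-to-Basic downgrade: an intermediary
    can rewrite the challenge, so never answer Basic on a plaintext connection.
    Returns the scheme to use, or None to abort the request."""
    schemes = [h.split(None, 1)[0].lower() for h in www_authenticate_headers]
    if "digest" in schemes:
        return "Digest"
    if "basic" in schemes and over_tls:
        return "Basic"
    return None

# Constructed sample exchange (not taken from the page).
SAMPLE_PASSWORD = "pass1234"   # constructed weak password
CAPTURED = {
    "username": "alice",
    "realm": "example.invalid",
    "method": "GET",
    "uri": "/private/report",
    "nonce": "constructed-nonce-0001",
}
CAPTURED["response"] = digest_response(
    CAPTURED["username"], CAPTURED["realm"], SAMPLE_PASSWORD,
    CAPTURED["method"], CAPTURED["uri"], CAPTURED["nonce"])

if __name__ == "__main__":
    # Constructed candidate list; the weak password is found, a strong one is not.
    print(offline_matches(CAPTURED, ["letmein", "pass1234", "qwerty"]))
    print(choose_scheme(['Basic realm="example.invalid"'], over_tls=False))
```

The nonce changes per challenge, but it changes for the eavesdropper too, so it adds no work to the offline check; only password length and complexity do, which is the basis of the suggested wording. The `choose_scheme` guard is the client-side counterpart of the man-in-the-middle sentence: a Basic challenge arriving over plain HTTP where Digest was expected is exactly what a degrading intermediary produces.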