Cryptanalysis: a stunning display of bad security design
Some background
Triple DES, commonly referred to as 3DES, is a perfectly acceptable and well understood stream cipher. It was one of the algorithms I studied when I took a cryptography course last year. During that course, Prof. Boneh hammered into us that as cryptology amateurs, we should never design our own cryptographic solutions, even when using well understood primitives such as 3DES, or AES, or SHA256. Mistakes in design can permit an attacker to obtain partial plaintext, partial keys, or critical information permitting them to derive partial plaintext or keys.

The news
You may have heard the news that Adobe disclosed a loss of 3 million encrypted passwords. You may also have heard that they underreported the loss by a factor of 20 -- that the password database that was published online actually lists 150 million userids, Email addresses, password hints and encrypted passwords. You might also have received an Email from Adobe in October about the disclosure, as I did.

The 3DES cipher is excellent, for its intended purpose. Its choice for static information, or data at rest, was excoriable. Its implementation in Adobe's database was nothing short of excrement.

This morning, there was an article on Bruce Schneier's blog that pointed to a fascinating cryptanalysis by Paul Ducklin, who contributes to the Naked Security column at Sophos. His column, Anatomy of a password disaster - Adobe's giant-sized cryptographic blunder, is intended for the lay reader, and is clear, understandable, and compelling. You do not need to have a background in cryptography to understand it. Everyone who uses the Internet should read it.

Don't read it just to enjoy Adobe's ineptitude, which is devastatingly, mind bogglingly fun to read about and understand. Read it because there will be future ill-conceived solutions, and these could be solutions we devise ourselves. Read it because we all need to understand that we never know how well protected any information is, in the event it is disclosed, whether that information is in the trust of others, or our own. And, read it because we should all be cognizant of just how easy cryptanalysis is when the same key is reused for the same information.
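The last point of the post above, as an added example that is not part of the original post or of Ducklin's article: when every password is transformed with one fixed key and no per-record randomness, equal passwords produce equal stored values, so a published dump groups users by password and pools their hints. The accounts, the key and the function names are constructed for illustration, and a truncated HMAC stands in for the fixed-key cipher (it is not 3DES); the second store uses a per-record salt and PBKDF2 for contrast.

```python
import hashlib, hmac, os
from collections import defaultdict

SITE_KEY = b"constructed-demo-key"   # assumption: one key reused for every record
KDF_ROUNDS = 100_000                 # demo value; tune upward for production use

# Constructed sample accounts: (user id, password, password hint)
ACCOUNTS = [
    ("u1", "sunshine42", "weather plus the answer"),
    ("u2", "sunshine42", "not rain, then 42"),
    ("u3", "Tr0ub4dor&3", ""),
    ("u4", "sunshine42", "sunshine and my age"),
    ("u5", "Tr0ub4dor&3", "xkcd"),
]

def deterministic_store(password: str) -> bytes:
    """Stand-in for fixed-key encryption with no per-record randomness:
    the same password always maps to the same stored value."""
    return hmac.new(SITE_KEY, password.encode(), hashlib.sha256).digest()[:16]

def salted_store(password: str) -> tuple[bytes, bytes]:
    """Random per-record salt plus a slow KDF: equal passwords store differently."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ROUNDS)

def verify_salted(password: str, record: tuple[bytes, bytes]) -> bool:
    """Recompute the KDF with the stored salt and compare in constant time."""
    salt, expected = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ROUNDS)
    return hmac.compare_digest(candidate, expected)

def group_by_stored_value(rows):
    """Group (user, stored value, hint) rows that share a stored value."""
    groups = defaultdict(list)
    for user, stored, hint in rows:
        groups[stored].append((user, hint))
    return [members for members in groups.values() if len(members) > 1]

def leaked_dump():
    return [(u, deterministic_store(p), h) for u, p, h in ACCOUNTS]

def hardened_dump():
    return [(u, salted_store(p)[1], h) for u, p, h in ACCOUNTS]

if __name__ == "__main__":
    for members in group_by_stored_value(leaked_dump()):
        users = [u for u, _ in members]
        print("same password:", users, "hints:", [h for _, h in members if h])
    print("groups in salted dump:", len(group_by_stored_value(hardened_dump())))
```

With the fixed key, three users fall into one group and two into another, each group sharing every member's hint; with per-record salts no two records match.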
|
|||
Hi jggimi! Thanks for the interesting thread.
Outliars pretend to care about users' privacy...
http://nakedsecurity.sophos.com/2013...ails-on-adobe/
http://nakedsecurity.sophos.com/2013...phic-defaults/
|
||||
It could be worse. A large Dutch telecom (KPN) once claimed their passwords were encrypted with UTF-8 :-)
I've once had my password read to me over the phone by someone checking some basic information (name, email, address, and apparently also password)... The (repeated) attempts to actually pronounce my random passwords were quite amusing.

A few months ago, there was quite some hubbub in the Netherlands because a journalist had `hacked' a medical system because a patient had overheard a password.

The point is, whenever you use a password, *anywhere*, it's best to always assume your password is public. Just storing the passwords securely is no guarantee. I could, for example, easily modify the code for these forums to email me your password when you log in.

The best thing you can do is:
1) Use a password manager & unique passwords
2) *Always* use a password manager & unique passwords!

This won't actually stop misuse, but it would certainly limit the scope of misuse.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. |
|
|||
Quote:
Any suggestions about the available password managers in OpenBSD with a window manager like FluxBox or OpenBox? |
|
|||
Hi shep! I was about to ask as well... then, is keepassx convenient?
Thanks jggimi! Your examples are to the point, but some (I mean myself) learn too late...
|
||||
If you want a basic solution, you can do this in vim:
Code:
:set cryptmethod=blowfish
:X
:w ~/passwords

Don't forget to back up (no matter how you store your passwords), you will *not* be happy if you lose it.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. |
|
|||
Thanks Carpetsmoker!
Quoting the keepassx Wikipedia page: Quote:
|
|
||||
I wrote a few functions to make Vim work as a password manager ... I cleaned that up a bit, and released it as a program of sorts.
http://code.arp242.net/password-bunny
This is ridiculously simple, but it's the best password manager I've used so far...
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. |
|
|||
Quote:
I know a place that not only uses 3DES for passwords, but keeps the key in the text of the executable. In case that's not a big enough hole, it provides an API function that will authenticate you if you provide the cipher text of your password (think if passwd had a flag where you could provide the ciphertext in master.passwd and that would be as good as typing your password). When I challenged someone on that I was told it was to avoid having users keep their unencrypted password in a file on their machine's file system for programs that run automated without a chance for a login prompt. Heh. Challenge them a little more and you soon get, "well our systems are only meant for internal networks anyway." So let's be honest about it and not have authentication at all. I'm not pretending to be any kind of expert, but when even I could break your system, you're pretty pathetic. |
|
|||
Quote:
__________________
May the source be with you! |
|