#7 secure passwords in new_user_md5.php3

open
nobody
None
3
4 days ago
2001-08-15
Richard Archer
No

reposted from mailing list

Note: this deficiency is documented in the code.

At 3:28 PM -0700 16/8/00, Torrey Hoffman wrote:

>Hello. I'm using phplib 7.2b, with the md5 based
challenge-response
>authentication system. (Challenge_Crypt_Auth).
>
>I have a concern about password security for
administrators adding users, or
>changing user passwords.
>
>First, some background, as I understand it:
>
>The MD5 challenge-response authentication system is
reasonably secure, even
>over insecure networks, as it never sends passwords in
the clear. It works
>by using the JavaScript implementation of MD5 on the
client to compute:
>MD5("$username:$pass:$challenge"), where $pass is
actually the md5 hash of
>the plaintext password.
>
>Both the client and the server can compute this value,
allowing the server
>to authenticate the client. Since the $challenge is
different for every
>session, an eavesdropper (packet sniffer) cannot gain
any useful knowledge
>of the password, even though they can see the
$username and $challenge.
>
>So all is well for authentication.
>
>But when adding a new user, the
"\pages\admin\new_user_md5.php3" sample code
>ends up passing the just md5(plaintext-password) over
the network. If an
>attacker grabs that information, then they can easily
compute
>md5("$username:$pass:$challenge) and falsify their
authentication. As I see
>it, there is no extra security in sending the MD5 hash
of the plaintext
>password when changing or setting passwords - you
might as well just send
>the plaintext password.
>
>I can't figure out an easy way to fix this without
going with the full
>Diffie-Hellman key exchange protocol. (See
>http://www.apocalypse.org/pub/u/seven/diffie.html).
However, I am not a
>cryptography expert.
>
>So my questions are:
>
>1. Is there a secure way to set Challenge_Crypt_Auth
MD5 passwords over the
>net?
>2. If so, has it been implemented somewhere with free
source?
>3. If not, is there some fundamental reason? Is this
is hard to do with
>JavaScript on the client and PHP on the server?
>3. Is this weakness in the PHPLIB sample code documented?
>
>Thanks very much for any help or advice you can give.
>
>Torrey.Hoffman@myrio.com
>
>PS: Huge thanks to the authors of PHPLIB for writing
such an amazingly
>useful piece of code.
>

Discussion