From: Ethan B. <el...@ps...> - 2006-10-25 02:38:46
|
Daniel Atallah spake unto us the following wisdom: > On 10/24/06, Ethan Blanton <el...@ps...> wrote: > > Gary Kramlich spake unto us the following wisdom: > > > Why not use digest or digest-md5 instead of basic? > > > > I actually prefer basic + ssl for this, as it means my password won't > > be stored on disk in the clear. Certificate-based auth would be even > > better. ;-) >=20 > What am I missing here? Why would digest auth require your password > stored on disk any more than basic? Challenge-response authentications always[1] require a password- equivalent string to be kept at the server. If it is a hash, then one can log in knowing the hash and not the password. The reason for this is that a successful login is negotiated by way of a function f(x, y) which takes two "secrets" as its argument. One is a nonce (the challenge), and the other is the secret password of the user. The server sends the nonce to the user, who computes f(nonce, password), and sends it back to the server. The server then also computes f(nonce, password), and if this matches what hte user sent, then the login is successful. The advantage of this scheme is that, if nonces are chosen intelligently (say, from a huge random number space), and f() is a good hash function, then the login can take place completely in the clear and an eavesdropper still doesn't know the password (and can't replay, either). The disadvantage is that the server has to persistently store a password-equivalent string. Ethan [1] In practice -- maybe one could be designed which doesn't. --=20 The laws that forbid the carrying of arms are laws [that have no remedy for evils]. They disarm only those who are neither inclined nor determined to commit crimes. -- Cesare Beccaria, "On Crimes and Punishments", 1764 |