| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Nagy László Zsolt <gandalf(at)shopzeus(dot)com> |
| Cc: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: md5 auth procotol - can it be replayed? |
| Date: | 2016-05-07 15:51:24 |
| Message-ID: | 20160507155124.GP10850@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Greetings,
* Nagy László Zsolt (gandalf(at)shopzeus(dot)com) wrote:
> How the md5 hashed authentication method works? Is it protected against
> replay attacks? Here is what I have in mind:
>
> * If the server stores salted hashed passwords, then I do not see how
> the server could authenticate the users without getting the password in
> clear text?
If you're interested in how these things can be addressed, you should
review the SCRAM protocol.
> * If the server stores (unsalted) password hash values, then basically
> there is almost no difference between a clear text password and an md5
> hash, because anyone can replay the send the same hash value and log in
> again.
If the hash was sent in the clear, then that would be true, but it
isn't.
> Am I missing something?
There is a challenge/response compoent, so the md5 hash which is stored
is not what is sent across the wire. That prevents replay attacks when
the attacker is simply sniffing the network. If the attacker is able to
acquire the as-stored hash then, yes, that can be used to authenticate.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2016-05-07 16:28:37 | Re: md5 auth procotol - can it be replayed? |
| Previous Message | Nagy László Zsolt | 2016-05-07 15:38:38 | md5 auth procotol - can it be replayed? |