lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20050319225318.55042.qmail@smasher.org>
From: atom at smasher.org (Atom Smasher)
Subject: Re: choice-point screw-up and secure hashes

On Sat, 19 Mar 2005, Jason Coombs wrote:

> Before I make off with your hard drive, I'm going to try very hard to 
> add some known SSNs to the database using your own hashing machine 
> (which presumably I won't be able to own outright, such that I could 
> discover your salting algorithm directly).
=============

make off with my hard drive? i've been referring to a social engineering 
attack where people SIGNED UP FOR ACCOUNTS and got the info because they 
were paying customers and they asked for it!


> I'm expecting you to salt the input SSN only, not use a keyed hash 
> algorithm. Don't change the rules of the game in the middle of play... 
> Your proposed scenario didn't mention the use of a keyed hash algorithm, 
> so no fair using one after you salt my SSN.
===============

i thought i pointed out that the protocol, as described, was lacking in 
detail and meant only as an overview of one possible way to protect the 
data. a keyed hashing algorithm would be great. an iterated and keyed (and 
salted) hashing algorithm would be even better.


> Your original message was complicated enough that I am pretty sure you 
> weren't suggesting that companies should encrypt the information they 
> store in databases. That would have taken too few words to recommend, 
> and if it's that easy to solve the underlying problem, who will hire 
> you?
===================

if the threat model involves backup tapes being stolen in transit, 
encryption would help. but if the threat model involves criminals opening 
an account and subscribing to the information then i'm afraid that 
encryption won't solve the problem. not even a little bit.

encryption is great stuff, but it's not a magic bullet. you need to 
understand the threat model and the limits of encryption. encryption would 
help protect the data in transit, it would help protect the data from 
being dumpster-dived, it would help if someone stole the hard drive... 
apparently the mark was cased and these things were determined to not be 
feasible means of attack. apparently it was determined (correctly!) that 
the WEAK LINK was to open an account and ask for the data. encryption does 
NOTHING to plug that weak link, hashing does.


-- 
         ...atom

  _________________________________________
  PGP key - http://atom.smasher.org/pgp.txt
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
  -------------------------------------------------

  	"All animals are equal, but some more than others."
 		-- George Orwell



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ