[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050319231545.73996.qmail@smasher.org>
From: atom at smasher.org (Atom Smasher)
Subject: Re: choice-point screw-up and secure hashes
On Sat, 19 Mar 2005 Valdis.Kletnieks@...edu wrote:
> Remember that the company probably needs an *invertible* function as
> they need to be able to access the original value, so the trick of "hash
> the SSN and see if you get the same to compare for equality" isn't
> usable. You can use a one-way function if the only question is "Is
> 109-00-4368 the SSN for Customer XYZ?". If you need to be able to answer
> "What is Customer XYZ's SSN?" you need an invertible function. And if
> you ever do a database JOIN based on SSN, you need the SSN.
===================
some companies have a legitimate need to ask that question. they should be
subject to more stringent checks than our recent bad guys. FTMP, however,
that question is of very little use... if you want to know the SSN of
"john smith", born 1976-07-04 you're likely to come up with several
matches.
but, if john smith wants to apply for credit from you, his application
will contain his SSN and other info. this can be VERIFIED just the same
whether it's being checked against an actual SSN or a hashed product of
the SSN... either there's a match or there isn't!
the actual SSNs would need to be retained for several reasons, but really
need to be kept under tighter control.
> And the sad fact is that if the company's servers are compromised
> sufficiently to recover the hashed SSN, they're almost certainly
> compromised sufficiently to allow the theft of the software that handles
> the forward and reverse hashing. So considering the salt and the
> algorithm secure if the hash has been compromised is probably a bad
> idea..
===================
the solution i've described is not meant to protect servers. it's meant to
protect data that people subscribe to. the fact that people subscribed to
the data indicates that the servers are well protected, or at least a
harder target than opening an account.
the real issue, again, is that we are talking about a SYSTEM. each
component of that system has different threat models and needs to be
protected in different ways. what protects the data may not help the
servers... that protects the servers might not protect dead hard drives...
what protects dead hard drives might not protect the network... for a
group of security professionals i'm disappointed that so many people are
looking for a single "magic bullet" that will just "secure" every part of
a complicated system. it doesn't work like that in the real world.
--
...atom
_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"The optimist proclaims that we live in the best of all
possible worlds; and the pessimist fears this is true."
-- James Cabell, "The Silver Stallion"
Powered by blists - more mailing lists