[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 20 Jan 2014 19:01:30 +0400
From: Solar Designer <solar@...nwall.com>
To: discussions@...sword-hashing.net
Subject: Re: [PHC] Native server relief support for password hashing in browsers
On Sun, Jan 19, 2014 at 10:48:22PM +0000, Poul-Henning Kamp wrote:
> Well, the clever thing that's always available, so to communicate
> the the salt to the user over a secure channel and tell them to
> write it down for later use.
If by "over a secure channel" you primarily mean "after the user had
authenticated by some other means on their first login or registration"
(it could even be plaintext password login), then this prevents
precomputation of hashes for other users (since the corresponding salts
won't be obtainable) and probing for valid usernames via salts (since,
without a server compromise, it won't be possible to obtain and analyze
the salts without having access to those users' accounts first). I like
this idea.
Another related (old) idea is to base the client-side salt solely on the
username combined with service name. This doesn't prevent precomputation,
but it does prevent username probing.
Alexander
Powered by blists - more mailing lists