Putting passwords in a properties file?

[Dave Searles]

[says I'm a liar]

Whaaat? Nonsense.

[says I'm a liar]

No, you are.

 

[Tom Anderson]

You use of big-O is rather unconventional.

How so?

But we understand the point.

Very important: you logic assumes different salts per user. That
is good practice. But I think it should be emphasized.


The use of salt makes all dictionary attacks more difficult, because
it invalidates pre-calculated dictionaries.

Ah! Of course, good point. I hadn't realised that.

tom

 

[Ken]

Dave Searles wrote:
Arne Vajh�j wrote:
Dave Searles wrote:
markspace wrote:
Dave Searles wrote:
It seems to me that if you have the hash and the salt, and know the
algorithm for convolving the password with the salt, then you can
still carry out a dictionary attack.

A dictionary attack pre-computes the hash, and then just scans the
password file for a simple string match. The salt defeats this,
because each bit in the salt doubles the storage needed for the
dictionary.

<http://en.wikipedia.org/wiki/Salt_(cryptography)>

You're right in that if the password itself is weak and could be
guessed, then all bets are off.
As Tom explained, the salt does not make any single password harder
to crack, but it does slow down an attack aimed at getting all (or
the first) dictionary-vulnerable password.

I was thinking in terms of protecting a particular targeted account
(yours, say, or the superuser account), while you two were apparently
thinking more of protecting all of the accounts in some statistical
sense.
[misquotes me]

Hey!

Whaaat? Nonsense.
It is true.

No, I am NOT a liar.

I don't consider "no salt" and "same salt for all users" to be
meaningfully distinct; it amounts to a mere difference in the hashing
algorithm, and not one that makes one of them noticeable slower to apply
than the other (one extra add or xor operation).

I think simple is best. There is nothing wrong with clear text
passwords stored on a system that has good file security, few admins,
few but well known and well tested network services AND is physically
secure. The last part can't be overlooked. This will sound a little
extreme but if you want to talk about "hacked" think about how long it
would take to get into your personal system using someone else
computer and just your wits... now think about how fast it would be
with a fire axe starting at your front door. In most cases the second
is more practical.

Leaves more evidence and is a greater crime though; now you're on the
hook for B&E and larceny (assuming you took just the hard drive out of
the case, to mount on your own system) or even grand larceny (if you
took the whole b0x, and it was worth over a grand).

I'm just saying if the point is to get certain data in a timely way
that does not belong to you then there are much simpler and realistic
ways than using Penny's magic computer book to teleport the password
file into your hands.

Least-intrusive there is to break in with a Knoppix CD, reboot the
targeted machine from that disc, mount the hard drive, and read stuff as
the Knoppix superuser. Still involves B&E and trespassing as well as the
one constant in all of this, cyber-intrusion.

Well of course you can do a better job at stealing the data than
leaving little metal bits of their chopped up case all over. I can
think of a few very efficient ways of taking all the data without
anyone being the wiser. The most efficient of all is simply swapping
drives. If you know the make and model of the existing drive great if
not who cares most people don't know their drive brand... Look some
crazy virus wrote the whole drive over with random data, crazy weird!

Upshot: if the machine is not physically secure, relative to how
ruthless and willing to physically show their faces you think your
enemies might be, encrypt the fucking hard drive.

Funny enough the video storage is also often stored in the same room
as the server. Anyways does anyone know how effective encrypting the
hard drive is? I've seen a bunch of users happy as can be that their
laptop's hard drive is encrypted, then they punch in five alpha keys
and they're in. To be fair I don't know if there was hardware in the
equation... that could be problematic. I know someone who worked for
a large cryptographic company. There are all kinds of interesting
problems. As someone had pointed out earlier it is all about time.
In time you can always get at the data but in time the data will be
worthless. So anyways they don't say much about what they do (their
work is about keeping secrets after all) but in this particular
project they were working on a hardware encryption problem. If you
were to look at the ideal case, that is, inputs to output... it was
fantastic at using up time which is perfect for the purpose however
the system discarded passwords quickly if they were far off. Now you
can't show that to the outside world so naturally you will make the
system take a constant time. However when it was first designed no
one though to check for power consumption! The process was very
numerically intensive and with the right equipment you could see a
correlation between power usage (and heat) and know you are close to a
correct answer. Moral, things can look good on paper but when
implemented it is hard to keep cribs from sneaking up. A good case of
where ideals went out the windows when implemented is the enigma
machine.

 

[Dave Searles]

Least-intrusive there is to break in

[says I'm a liar]

Whaaaaat?

No way!

 

[Dave Searles]

[says I'm a liar]

I am not.

I can think of a few very efficient ways of taking all the data without
anyone being the wiser. The most efficient of all is simply swapping
drives.

They'll notice the replacement drive is missing all their data. You'd
have to copy the whole thing while there to avoid that, in which case
you might as well leave with the copy, not the original.

 

[Ken]

[says I'm a liar]

I am not.

They'll notice the replacement drive is missing all their data. You'd
have to copy the whole thing while there to avoid that, in which case
you might as well leave with the copy, not the original.

Here I agree with you.  Make a copy while leaving the original drive
in place.  The data will be more valuable if the owner does not know
that it has been copied.

rossum

Depends some of the most valuable data has very good long term value.
After all at these lengths there is no need to get the keys, they just
go straight for the ends. If however they are after intercepting on
going communications then you are talking about pretty sophisticated
criminals... more likely some spy agency. Then the physical counter
measures would be beyond legal, requiring sirens... not so you know
that the server is being broken into but so can flee the 3000 degree
Celsius explosion that is going to take place in the server room.

 

[Dave Searles]

On Thu, 01 Oct 2009 15:23:41 -0400, Dave Searles
Least-intrusive there is to break in
[says I'm a liar]

I pointed out

I don't care. I am NOT a liar, and that is the end of the subject!

How is my scenario impossible?

It is impossible that I could be a liar. From that, it follows that your
statement implying that I am one must be false.

 

[Dave Searles]

I agree with you. Make a copy while leaving the original drive
in place. The data will be more valuable if the owner does not know
that it has been copied.

Now if you can get it remotely, so much the better; even if the
computers in the machine room seem intact, if there are pry-marks at the
side of the door and the lock is broken that might make some people
suspicious, *particularly* if nothing is actually missing.

 

[Arne Vajhøj]

Thank you, Arne, for demonstrating how a person can take correction
without thinking that someone accused him of lying.

I am probably in the top decile in stubbornness.

But there is not much point in trying to argue what is
polynomial and what is exponential. It would be like
trying to argue that 2+2=5.

Arne

 

[Dave Searles]

You are correct.

My mistake.

[gratuitous personal attack deleted]

Wrong.

I am probably in the top decile in stubbornness.

Admission duly noted for the record.

But there is not much point in trying to argue what is
polynomial and what is exponential. It would be like
trying to argue that 2+2=5.

Who was arguing either? I just pointed out that adding more variation to
the password characters is the former and adding more suffix length or
similarly is the latter, which is perfectly correct.