Information about SASL and LDAP
Alexey Melnikov
alexey.melnikov at isode.com
Thu Dec 1 12:56:13 EST 2011
On 01/12/2011 01:22, Carson Gaspar wrote:
> On 11/30/2011 4:18 PM, Howard Chu wrote:
>>>> On 30/11/11 11:16 +0100, Christian Roessner wrote:
>>>>> cmusaslsecretCRAM-MD5
>>>>> cmusaslsecretDIGEST-MD5 and
>>>>> cmusaslsecretNTLM
>
>> As I recall these are all plaintext-equivalents; i.e. there is no
>> security benefit from using these pre-hashed values, so they've been
>> deprecated already. The plugins will retrieve and use them if they're
>> present, but nothing creates them.
>
> They are _not_ plaintext equivalents.
Actually you are both wrong :-). They *are* plaintext-equivalent, i.e.
if an attacker obtains them, he can use them to authenticate as the user.
However, you are right that they are slightly more secure than a
cleartext password: as you said, cmusaslsecretDIGEST-MD5 includes the realm
(and also the username), so it is effectively salted. So if such a hash is
stolen, exposure might be limited to one site using the same username
and realm.
In the case of cmusaslsecretCRAM-MD5, it is only (effectively) a hash of
the password. So if it is stolen, it can be used to log in to any
CRAM-MD5 account using the same password, irrespective of the username
used.
> They are realm-limited, so compromise is limited to just the set of
> services sharing that realm (in many cases a single service). i.e.
> they don't let me use your password to log in to gmail, or get a shell
> on your box.
>
> The fact that the cyrus folks decided to deprecate these in favor of
> storing actual clear text passwords makes me a sad panda. And
> demonstrates a lack of understanding of the security issues involved,
> or a very different cost/benefit analysis than I can imagine.
While cmusaslsecretDIGEST-MD5 is more secure, it is a bit of a
management headache: if the username changes (e.g. due to marriage),
then the hash is no longer valid and needs to be reset.
Having said that, I do have somewhere the code to generate the
cmusaslsecretCRAM-MD5 value. At the moment I don't remember whether it
was never committed or whether it was removed.
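The realm scoping discussed above can be made concrete with the RFC 2831 HA1 value, assumed here to be the raw 16-byte MD5(username:realm:password) that cmusaslsecretDIGEST-MD5 stores. This is an added example, not code from the thread or from Cyrus SASL: it shows that the server verifies a DIGEST-MD5 response from the stored HA1 alone (so the stored value is plaintext-equivalent for that realm), while the same password under another username or realm yields an unrelated HA1. The challenge and credential values are constructed for the demo.

```python
import hashlib


def md5hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def ha1(username: str, realm: str, password: str) -> bytes:
    # RFC 2831 H(username:realm:password). Assumed to be what
    # cmusaslsecretDIGEST-MD5 holds; username and realm act as the salt.
    return hashlib.md5(f"{username}:{realm}:{password}".encode()).digest()


def digest_md5_response(ha1_raw: bytes, nonce: str, cnonce: str, nc: str,
                        qop: str, digest_uri: str) -> str:
    # RFC 2831 response-value. Note that only HA1 enters the computation:
    # once HA1 is known, the password itself is never needed again.
    a1 = ha1_raw + f":{nonce}:{cnonce}".encode()
    a2 = f"AUTHENTICATE:{digest_uri}"
    if qop != "auth":  # auth-int / auth-conf append 32 zero hex digits
        a2 += ":" + "0" * 32
    kd = f"{md5hex(a1)}:{nonce}:{nc}:{cnonce}:{qop}:{md5hex(a2.encode())}"
    return md5hex(kd.encode())


def client_response(username, realm, password, nonce, cnonce, nc, qop, uri):
    # The client derives HA1 from the password it knows...
    return digest_md5_response(ha1(username, realm, password),
                               nonce, cnonce, nc, qop, uri)


def server_verify(stored_ha1, nonce, cnonce, nc, qop, uri, response):
    # ...while the server needs only the stored HA1 to check the response.
    return digest_md5_response(stored_ha1, nonce, cnonce, nc, qop, uri) == response


# Constructed sample values, not taken from the thread.
USER, REALM, PASSWORD = "alice", "example.com", "correct horse"
NONCE, CNONCE, NC, QOP, URI = "n0nce", "cn0nce", "00000001", "auth", "imap/mail.example.com"


def demo():
    stored = ha1(USER, REALM, PASSWORD)  # what the directory entry would hold
    resp = client_response(USER, REALM, PASSWORD, NONCE, CNONCE, NC, QOP, URI)
    ok = server_verify(stored, NONCE, CNONCE, NC, QOP, URI, resp)
    # Same password under another realm or username gives an unrelated HA1,
    # which is the salting effect that limits exposure of a stolen value.
    other_realm = ha1(USER, "other.example.org", PASSWORD)
    other_user = ha1("bob", REALM, PASSWORD)
    return ok, stored != other_realm, stored != other_user


if __name__ == "__main__":
    print(demo())
```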