Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPpIF-0000L9-PO for pgsql-hackers@arkaria.postgresql.org; Thu, 03 Mar 2022 17:31:11 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1nPpID-0003MO-7Y for pgsql-hackers@arkaria.postgresql.org; Thu, 03 Mar 2022 17:31:09 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nPpIC-0003MF-UH for pgsql-hackers@lists.postgresql.org; Thu, 03 Mar 2022 17:31:08 +0000 Received: from tamriel.snowman.net ([70.109.60.50]) by makus.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1nPpIA-0005Um-Lh for pgsql-hackers@lists.postgresql.org; Thu, 03 Mar 2022 17:31:07 +0000 Received: by tamriel.snowman.net (Postfix, from userid 1000) id F1ABD5F798; Thu, 3 Mar 2022 12:31:05 -0500 (EST) Date: Thu, 3 Mar 2022 12:31:05 -0500 From: Stephen Frost To: Tatsuo Ishii Cc: tgl@sss.pgh.pa.us, pgsql@j-davis.com, smilingsamay@gmail.com, pgsql-hackers@lists.postgresql.org Subject: Re: Proposal: Support custom authentication methods using hooks Message-ID: <20220303173105.GK10577@tamriel.snowman.net> References: <20220228204634.GM10577@tamriel.snowman.net> <2738622.1646083128@sss.pgh.pa.us> <20220228214255.GO10577@tamriel.snowman.net> <20220303.151524.1159715505705492773.t-ishii@sranhm.sra.co.jp> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="qr7nXUVd9Lj/wfVJ" Content-Disposition: inline In-Reply-To: <20220303.151524.1159715505705492773.t-ishii@sranhm.sra.co.jp> User-Agent: Mutt/1.5.24 (2015-08-30) List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --qr7nXUVd9Lj/wfVJ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Greetings, * Tatsuo Ishii (ishii@sraoss.co.jp) wrote: > > Yes, really, it's a known-broken system which suffers from such an old > > and well known attack that it's been given a name: pass-the-hash. As > > was discussed on this thread even, just the fact that it's not trivial > > to break on the wire doesn't make it not-broken, particularly when we > > use the username (which is rather commonly the same one used across > > multiple systems..) as the salt. Worse, md5 isn't exactly the pinnacle >=20 > I am not a big fan of md5 auth but saying that md5 auth uses username > as the salt is oversimplified. The md5 hashed password shored in > pg_shadow is created as md5(password + username). But the md5 hashed > password flying over wire is using a random salt like md5(md5(password > + username) + random_salt). Err, no, it's not oversimplified at all- we do, in fact, as you say above, use the username as the salt for what gets stored in pg_authid (pg_shadow is just a view). That's absolutely a problem because servers can be compromised, backups can be compromised, and when it comes to PG servers you don't even need to actually bother cracking the password once you've gained access to an md5 value in pg_authid anyway. Yes, we do use a challenge/response over the wire but that doesn't absolve us of the fact that the hashes we store in pg_authid with the md5 method is subject to pass-the-hash and brute-force attacks against it. If anything, the challenge/response over the wire is less useful considering the common usage of TLS these days. Thanks, Stephen --qr7nXUVd9Lj/wfVJ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJiIPtZAAoJEO1sijiDR2RVnqUP/iyNufsg1EdDTwBlAtjlxPFb /6Vpkym8+tOPtcz4p82N46bL5V67dKUwUT0nOLoBfNYLHLgevig4/jSi4Otl8ESJ UIzCD/coUREPxpI91tRe1nCJijhSpAg0i/Icd7mb9cwE58X+qVwNOcRR7GaMdnEF JmtE0PY3ORLWXdZ3hVysIWYC9KUnT2BnG2jNLSe0/+Ir2g8fd5CgdBPNzx/kRuCi CMQogXIYk8vT0kjNGqB3hEJbSVe37qt8oqEydqtS+RX6pvKvsdln7BLLMxXpsPh2 cbGjKbN2Nx1Q9kPwzKStPGkJeQ3pcjxsXZiq1oKV3ph+qu5S8xS9K4InXKEfxLuf EYyWo7g0r7wB2phObpL+G0WkbEJWkFyiW/HuvhOj0ZYf3xGlCBneP+rXLW8o4Zh1 8PTIDiRL4DvcC8HqlP3ElRCdmESkhudnl0Q0J+A9a1vMUCwT6a+dSrn9O0879IJC l9woEvkjTQWxtbmYAf832ehRi4buDJZtfBbopkydbdYNsbSAinntspg5dDnmdIDo 3A0z9KaQoCD+3VG1jFs6UrZmTVOubet7u0rqkh72zWavqTBmAOj844+oNX8PVw02 TH8B4EFday6PtaPdmOIagZFFcgwpHvAQS/IJ6U6N9sJZiQAcg3i/hHcgYH46X1Zb frNS6IWCkmQLAeRSW3YM =D7TA -----END PGP SIGNATURE----- --qr7nXUVd9Lj/wfVJ--