Password security - Another idea

Dennis L. Mumaugh dlm at cuuxb.ATT.COM
Tue Jan 10 11:47:49 AEST 1989 

In article <4612 at xenna.Encore.COM> bzs at Encore.COM (Barry Shein)
 writes:

    Dennis Mumaugh writes and Barry argues and then

    Basically, I claim you have just rested your argument on
    the proposition that such systems as RSA and other public-key
    data encryption methods are completely useless and
    fundamentally flawed, even in the casual sense (ie. without
    presupposing teraMIPS computers.)

    Is that a fair summary? Is that where you want to stand?

No, this is NOT my position.  The encryption used for passwords
is not *fundamentally* flawed!  It is restricted so that the
work-factor is much too low.  Work-factor is a cryptologic word
that defines the amount of resources of a postulated type needed
to break an encryption and either recover the plain text and/or
the key.  It assumes various factors such as message size, change
of crypto variables and the technical means to do the breaking.

In the case at hand, the V7 encryption was adequate at the time
it was designed 10 years ago.  With good password management
methods it is adequate (barely) right now.  It is currently
within the state-of-the-art to break passwords by brute force
using the current scheme. {Based on human nature and clever
crackers.}

The password encryption alogithm needs strenghtening!  RSA or DES
or any other encryption scheme will work if the key space is
expanded much more.  An 8-character password as currently
implemented with UNIX is getting to be too short.  Increasing the
length of the password (and hence the encrypted result) will make
it much harder to break.

The salt is a specious argument.  Its original purpose was to
disguise the fact that a given user used the same pasword on
different systems.  Ken Thompson and Bob Morris made a hobby in
the early day [1974-77] of cracking all the systems/passwords
they could.  In the LA area they discovered several people had
accounts on diverse machines:  RAND, UCLA, USC-ISI, etc. and it
was easy to see if the passwords were the same on different
machines.

I agree with Barry that it is sometimes possible to trick
programs to give read access to protect files:  I know a couple
of programs that will.  But shadow passwords are an extra
precaution, not the only precaution.  Consider typical cracker
like a burglar -- they are snatch and grab, get in and get out
before you get caught.  Consider breaking /etc/shadow being more
like the house guest rummaging in your desk while you are
sleeping or a house sitter while you are on vacation.

In a properly secured system only authorized users will get
logged-in.  Hence the crackers are usually an authorized user.
If the password is in a read-protected shadow, most amateur
crackers will try other methods first.  Unless they are really
sophisticated or have a lot of time to break the system.  In
almost any system there are a lot easier ways to breakin rather
that try to read /etc/shadow.  Trojan horses and trapdoor
programs provide a faster and more productive way.  Few of the
typical system administrators have cleaned-up their system so
well that password cracking is the fastest way.  Smart people use
trusted programs for password changing and are always careful not
to type stupid things like "chmod +r *" while in /etc.
Inexperienced systems adminstrators are the most serious threat
to a system's integrity second only to a complacent
administrator.

Of course the possibility that a shadow password file can give a
false sense of security needs to be addressed.  One could have a
cron job to ensure that critical files are always kept secure --
nice place to attack the system though.  One could also keep the
password outside of the file system in a raw partition that is
known to the system.  The flaw there is how one does a back-up of
the passwords [what if the disk gets corrupted?].  Implementing
system calls for password change and password verify is a good
start but then the bute force attack is just to have a C program
feed the kernel a lot of stuff.

In short for each attack there is a defense and for each defense
there is an attack.  Also the best computer security expert is an
ex-cracker.  The best cracker is one who has done software
support!

Short of physical security the only safe approach is to do
everything possible and layer the defenses.  But one must design
the defenses so they add not merely inclusive or the protections.

In reality a vigilant person ought to suspect penetration and
think along the lines of damage assessment.
-- 
=Dennis L. Mumaugh
 Lisle, IL       ...!{att,lll-crg}!cuuxb!dlm  OR cuuxb!dlm at arpa.att.com

More information about the Comp.unix.wizards mailing list