Idea for secure login
From: Paul Johnston (paul_at_westpoint.ltd.uk)
Date: 06/14/03
Date: 14 Jun 2003 10:00:08 -0700
Hi,
I just wondered if this login scheme had been considered before and
what the verdict was.
I have already used a challenge hash authentication protocol for web
logins. The client and server have the password as a shared secret.
This works ok, but the password has to be securely exchanged in the
first place.
But, you can use the non-reversible property of secure hashes to avoid
the need to exchange a password. When creating the account, the client
sends the server:
md5(hmac_md5(password, random))
Now, to login the client sends:
hmac_md5(password, random), md5(hmac_md5(password, random2))
The first part proves the client knows the password - an eavesdropper
can't reverse the md5 and calculate this. However, they could now
perform a replay attack, so the second part sets a new login secret.
I realise this scheme fails completely if the attacker is not just a
malicious eavesdropper, but can modify packets in transit, etc. That
is not a problem to me because I am implementing this with JavaScript
that is downloaded insecurely, so I can never get around an active
attacker.
Does it work?
BTW, you may be interested in my JavaScript MD5 implementation
http://pajhome.org.uk/crypt/md5/
Regards,
Paul
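
The exchange described in the post above, as an added example that is not part of the original message: both sides of account creation and login, with a replayed login message rejected because the stored value was rotated. Assumptions: the password is the HMAC key in hmac_md5(password, random), the server stores the current random and hands it back to the client, and the names Server, clientRegister, clientLogin and demo are hypothetical.

```javascript
// Added example: not code from the original post.
const crypto = require('crypto');

const md5 = (buf) => crypto.createHash('md5').update(buf).digest();
// Assumption: in hmac_md5(password, random) the password is the HMAC key.
const hmacMd5 = (password, random) =>
  crypto.createHmac('md5', password).update(random).digest();

// Client side: pick a fresh random and derive the value the server will store.
function clientRegister(password) {
  const random = crypto.randomBytes(16);
  return { random, verifier: md5(hmacMd5(password, random)) };
}

// Client side: prove knowledge for the current random, and set the next secret.
function clientLogin(password, currentRandom) {
  const next = clientRegister(password);
  return { proof: hmacMd5(password, currentRandom),
           nextRandom: next.random, nextVerifier: next.verifier };
}

// Server side (hypothetical class): never sees the password, stores only
// the random (assumed to be handed back to the client) and the md5 verifier.
class Server {
  constructor() { this.accounts = new Map(); }
  register(user, { random, verifier }) { this.accounts.set(user, { random, verifier }); }
  currentRandom(user) { return this.accounts.get(user).random; }
  login(user, { proof, nextRandom, nextVerifier }) {
    const acct = this.accounts.get(user);
    if (!acct || !Buffer.isBuffer(proof)) return false;
    if (!crypto.timingSafeEqual(md5(proof), acct.verifier)) return false;
    // Accepted: rotate, so the proof just sent no longer hashes to the stored value.
    this.accounts.set(user, { random: nextRandom, verifier: nextVerifier });
    return true;
  }
}

// Constructed run: a good login, a replay of that message, a wrong password, a fresh login.
function demo() {
  const server = new Server();
  server.register('paul', clientRegister('correct horse'));
  const msg = clientLogin('correct horse', server.currentRandom('paul'));
  const first = server.login('paul', msg);
  const replay = server.login('paul', msg); // same captured message sent again
  const wrong = server.login('paul', clientLogin('guess', server.currentRandom('paul')));
  const second = server.login('paul', clientLogin('correct horse', server.currentRandom('paul')));
  return { first, replay, wrong, second };
}
```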