Password hashing (non-SSL)

Question

How is the password sent from browser to server in case of non-ssl transfer?

I want to use bcrypt to hash password+salt before sending.... but it seems there is no javas

Answer 1

Hmmm,

Challenge response protocol would work here.

Client fetches login page
1) Start session
2) Generate session key
3) Send session key as hash target
User logs in, presses submit
1) Javascript Task SHA-1 of session key + SHA-1 of password, writes result to password field
2) Javascript subimts form
3) Server takes SHA-1 of session key + SHA-1 password hash and compares

The session key is what keeps an eavesdropper from replaying the stream. The server remembers what it was.

HOWEVER, SHA1 of password should use salt. Simply using the username might be good enough to prevent a prebuilt rainbow table from working. Since the salt will be exposed in this protocol you can't completely defeat rainbow tables.

EDIT: In retrospect I didn't make one thing clear. The session id I'm talking about is not the PHP session id. It is an extra id stored in a session variable and passed to the client in the form. It needs to be used once for authentication and discarded from the PHP session variable afterwords. All the same, a sniffer can hijack the session after that point.

Please bear in mind that all this question asked for is a way to protect the password from sniffers. His own site is completely vulnerable to anybody who can sniff and hijack a session and he knows this.

BIG FAT WARNING: a MITM attacker can replace the javascript code with something that does something else like provide him a copy of the password. Only SSL can protect against this attack.