Security, cryptography: Stupid Challenge - Response protocol?

前端 未结 4 1808
时光说笑
时光说笑 2021-02-11 05:48

Ok guys just a small game:

I have some specifications for a project. At some point they ask for the following to encrypt a password over the net, saying that it is a cha

相关标签:
4条回答
  • 2021-02-11 06:16

    That's a pretty horrible protocol. If this is something someone wants you to implement, refuse to. There are existing, vetted protocols for this type of thing. If this is a game where you point out all the flaws - okay.

    • Anyone who hears steps 2 & 3 knows the password
    • Anyone who hears step 3 and notes the time can brute-force the password if he has any idea of the precision of the time on the server
    • I can pretend to be a server (arp poisoning, dns rediction, etc), and get your password, never completing step 4 and feigning a timeout
    • Vulnerable to Man in the Middle Attacks because there's no shared secret between client/server or certificates on the server
    • Relies on the server storing the SHA1(time) and waiting for a response, so I can overload the server with requests for challenges and never reply.

    And I'm definetly missing some more.

    0 讨论(0)
  • 2021-02-11 06:21

    You are right -- if you capture the challenge and (challenge XOR password) then extracting the password is easy.

    You need to use proper encryption in step 3, not XOR. Encrypt the challenge with the password.

    To make an attacker's life harder you could add random data to what you encrypt to: e.g. encrypt paddingCHALLENGEpadding. The server doesn't care what the padding is, it knows where to look for the challenge, but it means an attacker won't know what the whole plaintext is.

    0 讨论(0)
  • 2021-02-11 06:38

    You would be able to reverse engineer the password. You want to send the SHA of the password, not the password itself. Rolling your own security protocols is almost never a good idea. Can you not use SSL or something equivalent?

    http://en.wikipedia.org/wiki/Cryptographic_nonce

    0 讨论(0)
  • 2021-02-11 06:41

    How about the following:

    1. Server sends a random challenge
    2. Client sends SHA1 checksum of (challenge+password)
    3. Servers compares against SHA1 checksum of (challenge+stored password)
    0 讨论(0)
提交回复
热议问题