| |||||||||||||
A hole in crypt_blowfishA hole in crypt_blowfishPosted Jun 22, 2011 22:20 UTC (Wed) by iabervon (subscriber, #722)In reply to: A hole in crypt_blowfish by jzbiciak Parent article: A hole in crypt_blowfish
My goal is to invalidate all and only the weak passwords, by making it such that, if this bug affected an old password, no string could be given to the fixed code in order to give that hash.
If you had set your password to "ab£", the hash actually stored would be the proper hash of "ÿÿ£". If an attacker typed "xy£" or simply "£", the hash they got would also be the proper hash of "ÿÿ£". If the code is fixed, the only way to type your password would be "ÿÿ£", but this would work for any of the other passwords saved with the buggy code as well, so those passwords are still weak. However, when the bug is fixed, the only way to type any password whose saved hash was weakened by the bug is to use "ÿ". So it would invalidate weak passwords if using "ÿ" became impossible, either by simply rejecting it or by replacing it with some other value.
(Log in to post comments)
A hole in crypt_blowfish Posted Jun 22, 2011 22:44 UTC (Wed) by jzbiciak (✭ supporter ✭, #5246) [Link]
Ah, gotcha. You're not trying to gracefully grandfather in those whose passwords are affected. Rather, you're simply forcing their passwords to be invalid once you have the corrected library.
That leaves the process of "how do you securely reset the affected users' passwords" as an exercise to be solved by the reader. ;-)
|
|||||||||||||