On Sun, Sep 14, 2003 at 04:23:09PM +0300, Oded Arbel wrote: > On Sunday 14 September 2003 15:47, Gal Goldschmidt wrote: > > Hi, > > > > Both DIGEST-MD5 and CRAM-MD5 require the password to be stored on the > > server in clear text(!). > > As I understand, this is only required so that the authentication agent (be it > sasl, pam or whatever) can encode the password in MD5. is it possible to > store the password on the server already encoded in MD5 ? that would be the > best solution IMO.
The password is not "encoded" in MD5. It is hashed using MD5. MD5 takes a string and creates a "password image". If MD5 works well then you cannot tell anything about the reall password from tht "password image. The only thing you can do is take a different string and create its own MD5 signature. If they match then hopefully it was the original password. However, what good would it be if you would send the hashed password? MAybe you won't know the password, but you'll be able to use that hash recorded from the network transport. So the next logical step would be that the authentication would be of not exactly the hash of the passowrd itself, but of the password and "a litlle-bit more", say a number of junk bits made up by the server. If both client and server know the password they can both "encrypt" that similar value. Thus on the wire only the junk bits and the reply hash must go. The secret password never does. And nothing that can be directly used as its replacement. -- Tzafrir Cohen +---------------------------+ http://www.technion.ac.il/~tzafrir/ |vim is a mutt's best friend| mailto:[EMAIL PROTECTED] +---------------------------+ ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
