From: Justin Mason (jm at domain jmason.org)
Date: Mon 18 Jun 2001 - 13:22:23 IST
Fergal Daly said:
> The best I can come up with is to give users a PIN number (compatible with
> the input restrictions). Reversibly encrypt their plain text password using
> the PIN as a key. One-way encrypt the PIN. Store the 2 encrypted fields on
> the 3rd party machine.
> I was thinking of using UNIX crypt as the one-way and XORing in chunks (with
> a binary rather than ASCII version of the PIN) as the reversible method.
It sounds good. I would use stronger encryption, however; it doesn't hurt
and the source is freely available. For example, use md5 passwords for
the one-way hash, and use a symmetric algorithm, like Blowfish (or Twofish
or Rijndael) for the reversible method. Using just XOR is way too fast to
be safe ;)
Also, I'd suggest that you definitely use different algorithms, as
otherwise a sufficiently smart attacker could figure out a weakness you
missed, whereby two iterations of the same algo provide a shortcut.
Don't forget to use a salt.
> There's also the possibility of assigning alternative passwords which will
> only work if they're coming from the 3rd party machine, this would allow us
> to use the full range of passwords, rather than just sticking to the
> typable ones.
That would be nice.
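The two stored fields discussed in this thread, sketched as an added example that is not code from either poster. Assumptions: Python's standard library has no Blowfish, Twofish or Rijndael, so the reversible step here XORs against a salted, slow PBKDF2-derived pad as a stand-in, and scrypt stands in for md5 passwords as the one-way hash; all function names, field names and cost parameters are hypothetical.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 200_000  # assumed work factor, tune for your hardware


def _pin_hash(pin: str, salt: bytes) -> bytes:
    # One-way field: salted, memory-hard hash of the PIN.
    return hashlib.scrypt(pin.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)


def _pad(pin: str, salt: bytes, length: int) -> bytes:
    # Reversible field: a different algorithm and a different salt, so the
    # stored PIN hash is never the same value as the encryption key material.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt,
                               PBKDF2_ROUNDS, dklen=length)


def enroll(pin: str, password: str) -> dict:
    """Build the record that would be stored on the third-party machine."""
    secret = password.encode()
    hash_salt = secrets.token_bytes(16)
    wrap_salt = secrets.token_bytes(16)
    pad = _pad(pin, wrap_salt, len(secret))
    return {
        "hash_salt": hash_salt,
        "pin_hash": _pin_hash(pin, hash_salt),
        "wrap_salt": wrap_salt,
        "wrapped": bytes(a ^ b for a, b in zip(secret, pad)),
    }


def recover(pin: str, record: dict):
    """Return the plain-text password if the PIN matches, otherwise None."""
    candidate = _pin_hash(pin, record["hash_salt"])
    if not hmac.compare_digest(candidate, record["pin_hash"]):
        return None
    pad = _pad(pin, record["wrap_salt"], len(record["wrapped"]))
    return bytes(a ^ b for a, b in zip(record["wrapped"], pad)).decode()


if __name__ == "__main__":
    record = enroll("4921", "s3cret-Pa55word")  # constructed sample values
    print(recover("4921", record), recover("0000", record))
```

The wrapped field has the same length as the password, and a short PIN limits how much protection any choice of algorithm can give a record that is copied off the machine.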
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:10:42 GMT