[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: shared secret vulnerability



My impression is that hashing doesn't add any more entropy than was already present in the input.  Yes, hashing adds time to the calculation, but the output itself isn't any more entropic than the input was.  Am I incorrect?

Clint (JOATMON) Chaplin
>>> Joshua Wright <jwright@hasborg.com> 08/04/04 13:54 PM >>>
Paul Funk wrote:
 > The idea is that you take an ordinary secret, hash it many times,
 > and get a resulting "amplified" shared secret that multiplies the
 > difficulty of attack by the number of times it has been hashed. The
 > draft suggests 0x100000 (~ one million) iterations, adding 2 ^ 20
 > bits of effective entropy to the secret.

While I believe this algorithm is effective at adding entropy to a 
password such as the RADIUS secret, it does not resolve the issue of a 
widespread shared secret distributed throughout an organization. Without 
a mechanism in place to regularly change the secret, the use of shared 
secrets in this fashion is reminiscent of WEP pre-shared keys. As most 
people are painfully aware, shared secret do not stay secretive.

That being said, I like Paul's idea for effectively adding entropy to 
the shared secret that will prolong a brute-force attack.  However, I do 
not believe that this is effective at resolving weak authentication 
between the RADIUS authentication server and NAS.

-Joshua Wright
jwright@sans.org or
jwright@hasborg.com

-- 
-Joshua Wright
jwright@hasborg.com
http://home.jwu.edu/jwright/

pgpkey: http://home.jwu.edu/jwright/pgpkey.htm
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

________________________________________________________________________
This email has been scanned for computer viruses.


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>