|
Posted by Colin McKinnon on 02/18/06 16:23
Jeremy Deuel wrote:
> Just an Idea:
> In PHP, passwords for different purposes often are stored plaintext in
> the source. I often wondered, how this could be prevented.
>
> So if you have a web-project, that is access-restricted, try the
> following workaround:
>
<snip>
So:
ResourcePasswords = f(publicdata, MasterPassword)
publicdata = f'(ResourcePasswords, MasterPassword)
> Of course, this will only function with ascii-passwords, but for most of
> us, this should be enough. So with this trick, the encrypted passwords
> can only be successfully decrypted, if the user enters the right
> master-password (= Access-password).
>
Having a single password shared by multiple users is not exactly great
security on a multi-user system. While this system could be used on a
per-UserPassword basis to encrypt a single MasterPassword (which itself
encrypts multiple ResourcePasswords),
MasterPassword = f(publicdata[user], UserPassword[user])
publicdata[user] = f'(MasterPassword , UserPassword[user])
subsequently changing the MasterPassword would be virtually impossible
without access to the unencrypted/hashed UserPasswords - another security
flaw.
But if you could use assymetric encryption to distribute the MasterPasswords
with the UserPasswords acting as passphrases to the UserPrivateKey, you
could leave the user key pair lying around on the server disk and you'd
then have a *secure* and *manageable* solution.
publicdata[user] = g'(MasterPassword, UserPublicKey[user])
MasterPassword = g(publicdata[user], UserPrivateKey[user],
UserPassword[user])
C.
[Back to original message]
|