Discussion:
[ADMIN] User password encryption using a stronger hashing function?
(too old to reply)
l***@kwsoft.de
2011-12-22 09:41:53 UTC
Permalink
No one has responded to my questions. I am wondering if anyone can
point me to where in postgresql source code I can further look into
the issue and explore the possibility of this change? Thanks.
I was already looking for the same topic but could not find anything
useful. Maybe no one is using the build-in password encryption, but
does it at application level with transparent data access?

Maybe one of the developers can explain why the choices for build-in
password encryption are that limited.

Regards

Andreas
Craig Ringer
2011-12-23 03:18:48 UTC
Permalink
Post by l***@kwsoft.de
No one has responded to my questions. I am wondering if anyone can
point me to where in postgresql source code I can further look into
the issue and explore the possibility of this change? Thanks.
I was already looking for the same topic but could not find anything
useful. Maybe no one is using the build-in password encryption, but
does it at application level with transparent data access?
Maybe one of the developers can explain why the choices for build-in
password encryption are that limited.
I'm not a Pg dev, but I won't be surprised if the v3 protocol doesn't
support other hash functions. I haven't looked into it. If you'd like to
know more I suggest you search for things like "md5", "sha1", "sha256",
"stronger hash" etc on the pogsql-hackers mailing list archives.

The main downside of md5 as a password hash function is that the result
is small and quick to compute the standard of today's hashes, so rainbow
tables are easier to build and can have better coverage. Brute-force
cracking is also faster but there's not as much difference there.

If you have a need for stronger hashing functions you might want to
contact one of the consultants who does contract work on PostgreSQL
development and find out what'd be involved in funding the development
of the feature. Think about why you need it first, though; what
threat(s) are you trying to protect from?

--
Craig Ringer
--
Sent via pgsql-admin mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
l***@kwsoft.de
2011-12-28 10:13:22 UTC
Permalink
Post by Craig Ringer
Post by l***@kwsoft.de
No one has responded to my questions. I am wondering if anyone can
point me to where in postgresql source code I can further look
into the issue and explore the possibility of this change? Thanks.
I was already looking for the same topic but could not find
anything useful. Maybe no one is using the build-in password
encryption, but does it at application level with transparent data
access?
Maybe one of the developers can explain why the choices for
build-in password encryption are that limited.
I'm not a Pg dev, but I won't be surprised if the v3 protocol
doesn't support other hash functions. I haven't looked into it. If
you'd like to know more I suggest you search for things like "md5",
"sha1", "sha256", "stronger hash" etc on the pogsql-hackers mailing
list archives.
The main downside of md5 as a password hash function is that the
result is small and quick to compute the standard of today's hashes,
so rainbow tables are easier to build and can have better coverage.
Brute-force cracking is also faster but there's not as much
difference there.
If you have a need for stronger hashing functions you might want to
contact one of the consultants who does contract work on PostgreSQL
development and find out what'd be involved in funding the
development of the feature. Think about why you need it first,
though; what threat(s) are you trying to protect from?
The reasoning is that if your Database content get lost your passwords
are in danger to be decrypted todays with md5 hash and most of the
time passwords are reused at other places. With stronger hashes at
least the password itself would be somewhat safe. But as said in many
environment the application does not use database users anyway, but
does its own user management with hopefully stronger encryption of the
passwords.

Thanks

Andreas
k***@rice.edu
2011-12-28 14:25:54 UTC
Permalink
Post by l***@kwsoft.de
Post by Craig Ringer
Post by l***@kwsoft.de
No one has responded to my questions. I am wondering if anyone
can point me to where in postgresql source code I can further
look into the issue and explore the possibility of this
change? Thanks.
I was already looking for the same topic but could not find
anything useful. Maybe no one is using the build-in password
encryption, but does it at application level with transparent
data access?
Maybe one of the developers can explain why the choices for
build-in password encryption are that limited.
I'm not a Pg dev, but I won't be surprised if the v3 protocol
doesn't support other hash functions. I haven't looked into it. If
you'd like to know more I suggest you search for things like
"md5", "sha1", "sha256", "stronger hash" etc on the pogsql-hackers
mailing list archives.
The main downside of md5 as a password hash function is that the
result is small and quick to compute the standard of today's
hashes, so rainbow tables are easier to build and can have better
coverage. Brute-force cracking is also faster but there's not as
much difference there.
If you have a need for stronger hashing functions you might want
to contact one of the consultants who does contract work on
PostgreSQL development and find out what'd be involved in funding
the development of the feature. Think about why you need it first,
though; what threat(s) are you trying to protect from?
The reasoning is that if your Database content get lost your
passwords are in danger to be decrypted todays with md5 hash and
most of the time passwords are reused at other places. With stronger
hashes at least the password itself would be somewhat safe. But as
said in many environment the application does not use database users
anyway, but does its own user management with hopefully stronger
encryption of the passwords.
Thanks
Andreas
Exactly. You need to use GSSAPI or something else to secure it. Then
the passwords are not available to be decrypted in the database and
you can use much more extensive encryption for them.

Regards,
Ken
--
Sent via pgsql-admin mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Bruce Momjian
2012-02-11 00:59:13 UTC
Permalink
Post by k***@rice.edu
Post by l***@kwsoft.de
Post by Craig Ringer
If you have a need for stronger hashing functions you might want
to contact one of the consultants who does contract work on
PostgreSQL development and find out what'd be involved in funding
the development of the feature. Think about why you need it first,
though; what threat(s) are you trying to protect from?
The reasoning is that if your Database content get lost your
passwords are in danger to be decrypted todays with md5 hash and
most of the time passwords are reused at other places. With stronger
hashes at least the password itself would be somewhat safe. But as
said in many environment the application does not use database users
anyway, but does its own user management with hopefully stronger
encryption of the passwords.
Thanks
Andreas
Exactly. You need to use GSSAPI or something else to secure it. Then
the passwords are not available to be decrypted in the database and
you can use much more extensive encryption for them.
The limitations of MD5 do not apply to the way we use MD5 to store
passwords in Postgres; see:

http://archives.postgresql.org/pgsql-hackers/2008-01/msg00846.php
--
Bruce Momjian <***@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ It's impossible for everything to be true. +
--
Sent via pgsql-admin mailing list (pgsql-***@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Loading...