webappsec@securityfocus.com

Re: At what layer to hash a password

Subject: Re: At what layer to hash a password
From: Grega Bremec
Date: Mon, 28 Jun 2010 10:55:04 +0200
On Sat, 2010-06-26 at 07:13 -0400, Tom Ritter wrote:
> You covered several of the arguments: the password moving down the
> stacks and being intercepted there, the maintainability.
> 
> But there are two more things I'd raise.  First off, you really shouldn't
> be hashing your passwords.  It's better to use something I don't know
> the correct term for (I've heard adaptive hashing and iterative hashing.
>  I usually just call them by name).

I agree on not hashing.

Short of mentioning encryption in the transport layer (which is a must
in any such scenario), by far the most secure method involving passwords
known to me would be a challenge/response mechanism which completely
eliminates the need to transfer any kind of sensitive information over
the wire.

If the client produces the right token, the response to the challenge
will be identical to the one that the server calculated based on the PSK
at hand and the authentication can be thought of as successful.

Regards,
-- 
    Grega Bremec
    gregab at p0f dot net
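The exchange the post describes, written out as an added example (not code from the original message or from its author): the server issues a random, single-use challenge, the client answers with a keyed digest of that challenge under the pre-shared key, and the server recomputes the same digest from its own copy of the PSK and compares. The choice of HMAC-SHA256 as the response function, the 32-byte challenge length, the in-memory set of outstanding challenges, and the sample PSK are all assumptions made for this example; the post itself names none of them. Only the random challenge and the digest cross the wire, never the PSK.

```python
import hmac
import hashlib
import os

CHALLENGE_LEN = 32  # assumption: 256-bit random nonce per challenge


class Server:
    """Holds the PSK and issues single-use challenges.

    The PSK itself is never sent; the server only ever emits a fresh
    random nonce and later checks the client's keyed digest of it.
    """

    def __init__(self, psk: bytes):
        self._psk = psk
        self._outstanding = set()  # challenges issued but not yet answered

    def challenge(self) -> bytes:
        """Generate and remember a fresh challenge for one login attempt."""
        nonce = os.urandom(CHALLENGE_LEN)
        self._outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        """Recompute the expected response from the server-side PSK and
        compare it with what the client sent.

        A challenge that was never issued, or that has already been
        answered, is rejected: replaying a captured (nonce, response)
        pair therefore fails even though the digest would still match.
        """
        if nonce not in self._outstanding:
            return False
        self._outstanding.discard(nonce)  # one-shot: consume before checking
        expected = hmac.new(self._psk, nonce, hashlib.sha256).digest()
        # Constant-time comparison so a wrong response cannot be
        # distinguished byte-by-byte via timing.
        return hmac.compare_digest(expected, response)


def client_respond(psk: bytes, nonce: bytes) -> bytes:
    """Client side: keyed digest of the server's challenge under the PSK."""
    return hmac.new(psk, nonce, hashlib.sha256).digest()


def run_exchange(server: Server, client_psk: bytes, tamper: bool = False) -> bool:
    """Drive one full challenge/response round trip.

    tamper=True flips one bit of the response in transit, standing in for
    an on-path modification; the server must reject it.
    """
    nonce = server.challenge()                 # server -> client
    response = client_respond(client_psk, nonce)  # client -> server
    if tamper:
        response = bytes([response[0] ^ 0x01]) + response[1:]
    return server.verify(nonce, response)


if __name__ == "__main__":
    # Constructed PSK for the demo; a real deployment derives it from the
    # user's password with a slow, salted KDF (not shown here).
    psk = b"constructed-example-psk"
    srv = Server(psk)
    print("correct PSK   :", run_exchange(srv, psk))
    print("wrong PSK     :", run_exchange(srv, b"not-the-psk"))
    print("tampered reply:", run_exchange(srv, psk, tamper=True))
    n = srv.challenge()
    r = client_respond(psk, n)
    print("first use     :", srv.verify(n, r))
    print("replayed      :", srv.verify(n, r))
```

Two things worth noticing when running it: the replay check depends entirely on the server consuming each challenge before comparing, so a server that forgets to track outstanding nonces turns a sniffed response into a reusable credential; and the server still has to hold the PSK in a form it can feed to the digest, so how that PSK is derived and stored is what decides the damage from a database compromise.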
