comp.lang.ada
From: gisle@kondor.ii.uib.no (Gisle Sælensminde)
Subject: Re: Saving and Encoding Passwords
Date: 1999/11/17
Message-ID: <slrn8352ql.4jq.gisle@kondor.ii.uib.no>
In-Reply-To: 38315e1a.0@silver.truman.edu

In article <38315e1a.0@silver.truman.edu>, Josh Highley wrote:
>  I'm writing an Ada program that checks email accounts.  I'm storing the 
>user name, password, and other info in a text file that my program references 
>on startup.  I obviously don't want to store the password unencoded.  Thus, 
>my question is how should I encrypt the password?  Is there an Ada package 
>that will do this?  I thought of using the CPU id to encrypt the password, 
>but I'm not sure how secure this would be and I haven't found an API function 
>or any other method of retrieving the CPU id.  Is there a 
>typical/standard/accepted way of encoding passwords?
>
>Thanks,
>
>Josh Highley
>joshhighley@hotmail.com

You can use the same trick as UNIX uses. Unix uses the password to encrypt
a string of zeros using a modified version of DES (Data Encryption Standard),
and the encrypted string is stored (usually in /etc/passwd).

When the user is logging on the system he types the password, and the 
system will again encrypt the password. If this encrypted string is the 
same as the original encrypted string in the password file, the logon is 
accepted.

The DES is modified by changing the number of rounds from 16 to 25,
which has no known decryption, and the algorithm is also modified
to take an extra 12-bit random "salt" which is stored with the password.
The salt is there to prevent a text search for the same password when one
password is broken. If you use a UNIX or Linux system, you can use
the 'crypt' system call which does the encryption (see the man pages).
You then have to interface this with convention 'C'.

This scheme gives you only moderate security, since there have been several
successful attacks on this scheme. One of them is the dictionary
attack, which uses a wordlist and tries different combinations of words.
The programs doing this have been remarkably sophisticated, and will typically
break passwords on most systems. You can improve security by letting the
password list be write protected, and have some quality check for the
passwords, to make offline attacks more difficult.

Another problem is that DES limits the number of bits used for encryption to
56 bits, which is too few by today's standards. Instead you can use one of
the 5 remaining AES candidate algorithms, which allow up to 256-bit keys.
The web pages below provide Ada implementations of some of them.

http://www.cl.cam.ac.uk/~mgk25/download/ (serpent)
http://www.ccsr.cam.ac.uk/projects/aes/  (Rc6, Rijndael)
http://www.skinner.demon.co.uk/aidan/programming/libra/ (mars, rc6, rijndael, twofish)

There are of course more 'state of the art' authentication schemes, but
then I would recommend learning more cryptography first. Also consider
other security issues. It does not help that a cracker can't read the
password file if he can read passwords transferred over the network
in the clear. Programs like SSH (secure shell) can improve this.

Hope this helps.

--
Gisle Sælensminde ( gisle@ii.uib.no )
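
The store-and-verify scheme described in the message above, bound from Ada to the C library's crypt(3) with convention C. This is an added example, not code from the original post; it assumes GNAT on a UNIX or Linux system whose crypt still accepts the traditional two-character salt (build with `gnatmake check_password -largs -lcrypt`), and the passwords and the salt "ab" are constructed sample values.

```ada
with Ada.Text_IO;          use Ada.Text_IO;
with Interfaces.C.Strings; use Interfaces.C.Strings;
procedure Check_Password is
   --  crypt(3) from the C library, imported with convention C.
   function C_Crypt (Key, Setting : chars_ptr) return chars_ptr
     with Import, Convention => C, External_Name => "crypt";
   Crypt_Error : exception;
   --  Setting: a fresh salt, or a stored hash (it begins with its salt).
   function Hash (Password, Setting : String) return String is
      C_Key     : chars_ptr := New_String (Password);
      C_Setting : chars_ptr := New_String (Setting);
      Result    : constant chars_ptr := C_Crypt (C_Key, C_Setting);
   begin
      Free (C_Key);
      Free (C_Setting);
      if Result = Null_Ptr then
         raise Crypt_Error;
      end if;
      declare
         --  Copy at once: crypt returns a pointer to a static buffer.
         H : constant String := Value (Result);
      begin
         --  A result starting with '*' is crypt's failure token.
         if H'Length = 0 or else H (H'First) = '*' then
            raise Crypt_Error;
         end if;
         return H;
      end;
   end Hash;

   --  Re-hash the candidate with the stored salt and compare.
   function Verify (Candidate, Stored : String) return Boolean is
   begin
      return Hash (Candidate, Stored) = Stored;
   exception
      when Crypt_Error => return False;
   end Verify;
begin
   declare
      --  Constructed values; draw the salt at random in real use.
      Stored : constant String := Hash ("s3cretpw", "ab");
   begin
      Put_Line ("stored: " & Stored);
      Put_Line ("right:  " & Boolean'Image (Verify ("s3cretpw", Stored)));
      Put_Line ("wrong:  " & Boolean'Image (Verify ("guess123", Stored)));
   end;
exception
   when Crypt_Error => Put_Line ("crypt(3) rejected the salt or scheme");
end Check_Password;
```

Only the string held in `Stored` needs to go into the program's file; passing it back as the second argument lets crypt recover the salt for the comparison.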