From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID autolearn=no autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII X-Google-Thread: 103376,2ea9abfbe071a56f X-Google-Attributes: gid103376,public From: gisle@kondor.ii.uib.no (Gisle S�lensminde) Subject: Re: Saving and Encoding Passwords Date: 1999/11/17 Message-ID: #1/1 X-Deja-AN: 549650901 Content-Transfer-Encoding: 8bit References: <38315e1a.0@silver.truman.edu> Organization: University of Bergen, Norway Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 Newsgroups: comp.lang.ada Date: 1999-11-17T00:00:00+00:00 List-Id: In article <38315e1a.0@silver.truman.edu>, Josh Highley wrote: > I'm writing an Ada program that checks email accounts. I'm storing the >user name, password, and other info in a text file that my program references >on startup. I obviously don't want to store the password unencoded. Thus, >my question is how should I encrypt the password? Is there an Ada package >that will do this? I thought of using the CPU id to encrypt the password, >but I'm not sure how secure this would be and I haven't found an API function >or any other method of retrieving the CPU id. Is there a >typical/standard/accepted way of encoding passwords? > >Thanks, > >Josh Highley >joshhighley@hotmail.com You can use the same trick as UNIX uses. Unix use the password to encrypt a string of zeros using a modified version of DES(Data encryption standard) and the encrypted string is stored (usualy in /etc/passwd ) When the user is logging on the system he types the password, and the system will again encrypt the password. If this encrypted string is the same as the original encrypted string in the password file, the logon is accepted. The DES is modified by changing the number of rounds from 16 to 25, which have no known decryption, and the algorithm is also modified to take an extra 12 bit random "salt" which is stored with the password. The salt is there to prevent a text search for the same password when one password is broken. I you use a UNIX or Linux system, you can use the 'crypt' system call which does the encryption. (see the man pages) You then have interface this with convention 'C' This scheme give you only moderate security, since there has been several successfull attacks to this scheme. One of them is the dictionary attack, that use a wordlist, and tries different combinations of words. The programs doing this has been remarably sophisticated, and will typically break passwords on most systems. You can improve security by letting the password list be write protected, and have some quality check for the passwords, to make offline attacks more difficult. Another problem is that des limits the number bits used for encryption to 56 bit, which is to few by todays standards. Instead you can use one of the 5 remaining AES candidate algorithms, which allows up to 256 bit keys. The web pages under provide Ada implemetations of some of them. http://www.cl.cam.ac.uk/~mgk25/download/ (serpent) http://www.ccsr.cam.ac.uk/projects/aes/ (Rc6, Rijndael) http://www.skinner.demon.co.uk/aidan/programming/libra/ (mars, rc6, rijndael, twofish) There are of cause more 'state of the art' autentification schemes, but then I would recommend to learn more crypthograpy first. Also consider other security issues. It do not help that a cracker can't read the password file if he can read password transefered over the network in clear. Programs like SSH (secure shell) can improve this. Hope this helps. -- Gisle S�lensminde ( gisle@ii.uib.no )