Return-Path: X-Original-To: apmail-accumulo-notifications-archive@minotaur.apache.org Delivered-To: apmail-accumulo-notifications-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 8265218C31 for ; Thu, 29 Oct 2015 17:32:28 +0000 (UTC) Received: (qmail 85731 invoked by uid 500); 29 Oct 2015 17:32:28 -0000 Delivered-To: apmail-accumulo-notifications-archive@accumulo.apache.org Received: (qmail 85642 invoked by uid 500); 29 Oct 2015 17:32:28 -0000 Mailing-List: contact notifications-help@accumulo.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jira@apache.org Delivered-To: mailing list notifications@accumulo.apache.org Received: (qmail 85179 invoked by uid 99); 29 Oct 2015 17:32:28 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 29 Oct 2015 17:32:28 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id C6CB12C1F5C for ; Thu, 29 Oct 2015 17:32:27 +0000 (UTC) Date: Thu, 29 Oct 2015 17:32:27 +0000 (UTC) From: "Christopher Tubbs (JIRA)" To: notifications@accumulo.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (ACCUMULO-4044) Stronger/standardized password hashing MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/ACCUMULO-4044?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Christopher Tubbs updated ACCUMULO-4044: ---------------------------------------- Description: Currently, Accumulo stores hashed passwords using SHA-256 and an 8-byte salt, in a custom output format. Instead, we should switch to using commons-codec's Crypt class to create crypt(3) style hashes, the default of which is to use SHA-512 with a 16-byte salt. The format is stored in a standard way, with an identifier to determine the hashing method which was used. We'd have to make sure that we can tell the difference between the new format and the old format, so we know how to properly verify user credentials. This would be easy if we stored the new form in a different zookeeper node, but we could also use a delimiter (not a fan of the delimiter, personally, because I'd prefer the standard format, unmodified). We might be able to automatically migrate to the new format upon authentication, so we can eventually drop the old format entirely++. ++ When we do eventually drop the old format, users will need to reset their passwords, or have an admin user do it for them. This shouldn't be a big issue if we wait a sufficient number of releases to drop the old format. was: Currently, Accumulo stores hashed passwords using SHA-256 and an 8-byte salt, in a custom output format. Instead, we should switch to using commons-codec's Crypt class to create crypt(3) style hashes, the default of which is to use SHA-512 with a 16-byte salt. The format is stored in a standard way, with an identifier to determine the hashing method which was used. We'd have to make sure that we can tell the difference between the new format and the old format, so we know how to properly verify user credentials. This would be easy if we stored the new form in a different zookeeper node, but we could also use a delimiter (not a fan of the delimiter, personally, because I'd prefer the standard format, unmodified). We might be able to automatically migrate to the new format upon authentication, so we can eventually drop the old format entirely*. * When we do eventually drop the old format, users will need to reset their passwords, or have an admin user do it for them. This shouldn't be a big issue if we wait a sufficient number of releases to drop the old format. > Stronger/standardized password hashing > -------------------------------------- > > Key: ACCUMULO-4044 > URL: https://issues.apache.org/jira/browse/ACCUMULO-4044 > Project: Accumulo > Issue Type: Improvement > Reporter: Christopher Tubbs > Fix For: 1.8.0 > > > Currently, Accumulo stores hashed passwords using SHA-256 and an 8-byte salt, in a custom output format. > Instead, we should switch to using commons-codec's Crypt class to create crypt(3) style hashes, the default of which is to use SHA-512 with a 16-byte salt. The format is stored in a standard way, with an identifier to determine the hashing method which was used. > We'd have to make sure that we can tell the difference between the new format and the old format, so we know how to properly verify user credentials. This would be easy if we stored the new form in a different zookeeper node, but we could also use a delimiter (not a fan of the delimiter, personally, because I'd prefer the standard format, unmodified). We might be able to automatically migrate to the new format upon authentication, so we can eventually drop the old format entirely++. > ++ When we do eventually drop the old format, users will need to reset their passwords, or have an admin user do it for them. This shouldn't be a big issue if we wait a sufficient number of releases to drop the old format. -- This message was sent by Atlassian JIRA (v6.3.4#6332)