incubator-couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <rnew...@apache.org>
Subject Re: Improving password hashing.
Date Wed, 06 Jul 2011 13:53:20 GMT
Patch will be tidied to community standards before submission.

The upgrade code is not yet written but should be straightforward.

B.

On 6 July 2011 14:50, Filipe David Manana <fdmanana@apache.org> wrote:
> Looks good to me as well.
>
> Minor nitpick, ideally it would respect our coding standard of not
> having lines longer than 80 characters.
>
> Good work Robert
>
> On Wed, Jul 6, 2011 at 2:10 PM, Robert Newson <rnewson@apache.org> wrote:
>> Making it pluggable is probably not much more work but I have to point
>> at that "use sha256" is an inadequate description of a secure password
>> hashing protocol.
>>
>> B.
>>
>> On 6 July 2011 14:05, Benoit Chesneau <bchesneau@gmail.com> wrote:
>>> On Wed, Jul 6, 2011 at 2:43 PM, Robert Newson <rnewson@apache.org> wrote:
>>>> All,
>>>>
>>>> Our current password hashing scheme is weak. In fact, it's regarded as
>>>> weak as plaintext. I'd like to change that.
>>>>
>>>> Some time ago I wrote some code to implement the PBKDF2 protocol. This
>>>> is a cryptographically sound means of deriving a key from a password.
>>>> The output is also usable as a password hash. An important part of the
>>>> protocol is that the work factor can be increased by increasing the
>>>> loop count. Additionally, it is not tied to a specific digest
>>>> algorithm. All these points are not true of the sometimes proposed
>>>> alternative called 'bcrypt' which I do not recommend.
>>>>
>>>> I would like this to go into CouchDB 1.2. New passwords, and updated
>>>> passwords, from 1.2 onwards would use the new scheme, but 1.2 will,
>>>> obviously, be able to verify the current style. This work will take
>>>> place within couch_server where hash_admin_passwords currently lives.
>>>>
>>>> The PKBDF2 code is here:
>>>> https://github.com/rnewson/couchdb/tree/pbkdf2. It passes all the test
>>>> vectors.
>>>>
>>>> The ticket for this work is https://issues.apache.org/jira/browse/COUCHDB-1060
>>>>
>>>> B.
>>>>
>>> That sounds good. I would prefer however a customizable hashing method
>>> for passwords so we can change it easily depending the target. Some
>>> administrations for example require that you use some methods (like
>>> sha256 in europe) and it would be very useful.
>>>
>>> - benoît
>>>
>>
>
>
>
> --
> Filipe David Manana,
> fdmanana@gmail.com, fdmanana@apache.org
>
> "Reasonable men adapt themselves to the world.
>  Unreasonable men adapt the world to themselves.
>  That's why all progress depends on unreasonable men."
>

Mime
View raw message