Simon R Knight (srk@tcp.co.uk)
Sun, 28 Jun 1998 22:28:25 0000
On 28 Jun 98 at 12:04, Steve Reid wrote:
> On Sun, 28 Jun 1998, Simon R Knight wrote:
> > If passwords or passphrases never appear in memory, then they
> > can't be written to a swapfile, so one solution that I find
> > presenting itself, is the possibility of hashing of each character as
> > it is entered at the keyboard. A hash of character one, and a hash of
> > character two, being hashed together to create a new value which can
> > then be hashed with a hash of the third character ... and so on.
>
> This doesn't strike me as a very good idea. If the attacker can get the
> final hash, he has the secret key. If he can get each individual
> keystroke hash, he can compute the final hash as easily as you can.
> Also, if he can get each individual keystroke hash, he can easily deduce
> the keys being typed- just hash every possible keystroke (there aren't
> very many) until he finds a match, then move on to the next keystroke.
>
> No matter how you slice it, the secret _has_ to be in memory for the
> software to use it. Whether the secret is a passphrase or some
> complicated hash of a passphrase doesn't matter.

I understand that this suggestion does not represent "true"
security; it was only intended as a potential alternative to the use
of a standard control to input a password or passphrase from a user.
Can you detail what approach your Windows programs employ in this
respect?

Given a simple user friendly utility, a child could search a swap
file for text strings, and recover potential passwords/passphrases,
and any programmer could search for potential MD5 or SHA hash values,
so although the above idea in no way represents any kind of
*theoretical* ideal, it would represent a *practical* increase in
security for all Windows encryption programs that simply employ a
standard edit control for password/passphrase input.

As Peter recently confirmed, there is no control over memory
allocated by standard edit controls, so unless the Windows swap file
is totally wiped after every Windows session, then it is wise to
conclude that the true security of all Windows encryption products
employing these controls is effectively zero!

If a swap is only wiped once, then for all intents and purposes
encryption products may as well be using simple XOR encryption
processes for all the *true* security that exists.

Unless these issues are embraced, cryptography in the context of OS
implementations is little more than an abstraction. Like discussing
the merits of a super-secure lock technology on a stable door,
without recognizing that the horse has already bolted! :)

Simon
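
Added example, not part of the original message or of either poster's code: a sketch of the per-keystroke hashing scheme discussed in this exchange, showing why hashes of single characters left in memory or swap protect neither the keystrokes nor the final value. SHA-256, the exact chaining order and all function names are assumptions; the thread specifies no algorithm.

```python
import hashlib
import string

# Assumption: SHA-256 stands in for the hash; the thread names none for this scheme.
def h(data):
    return hashlib.sha256(data).digest()

def keystroke_hashes(passphrase):
    """Hash each character on its own, as it would arrive from the keyboard."""
    return [h(ch.encode()) for ch in passphrase]

def fold(hashes):
    """Chain the per-keystroke hashes: start with H(c1), then
    state = H(state || H(c_next)) for every later keystroke."""
    if not hashes:
        raise ValueError("no keystrokes to fold")
    state = hashes[0]
    for kh in hashes[1:]:
        state = h(state + kh)
    return state

def recover_keys(hashes):
    """Invert per-keystroke hashes with a lookup table over the keyboard alphabet.
    The table has only len(string.printable) entries, so building it is instant."""
    table = {h(ch.encode()): ch for ch in string.printable}
    return "".join(table.get(kh, "?") for kh in hashes)

def residue_exposure(passphrase):
    """Model what per-keystroke hashes paged to disk would give away.
    Returns (final value recomputed from the residue, recovered text)."""
    residue = keystroke_hashes(passphrase)  # what would sit in memory or swap
    return fold(residue), recover_keys(residue)

if __name__ == "__main__":
    sample = "correct horse"  # constructed sample input
    final, text = residue_exposure(sample)
    print("recovered text :", text)
    print("final value    :", final.hex())
```

A single-character hash has no more entropy than the character itself, so the only value in this chain that is not trivially reversible is the final one, and that is the value the software must hold in memory to use.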
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:19:10 ADT