[db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
Pierre Kim
pierre.kim.sec at gmail.com
Tue May 5 23:20:50 CEST 2015
Dear Chris,

My email was intended to propose having a safer authentication method. I was hoping that RIPE will either:

- force users to change their passwords. After 4 years and the RIPE recommendation, 27.000 hashes are still being used on a total of 36.000 without update. Only 25% of the hashes have been updated.
- deprecate MD5 in favour of stronger authentication methods.

Having 75% of valid hashes in the wild is a concern, I think. Any security researcher who downloaded all the hashes could misuse this information.

Regards,

--
Pierre Kim
pierre.kim.sec at gmail.com
@PierreKimSec
https://pierrekim.github.io/

On 5/6/15, Christiaan Ottow <chris at 6core.net> wrote:
> Hi Pierre,
>
> On 04/05/15 22:12, Pierre Kim wrote:
>> Dear Database Working Group Members,
>>
>> By reading
>> https://labs.ripe.net/Members/kranjbar/password-management-in-ripe-database
>> , I see: "The MD5 hash is public, when running a single query (not
>> for bulk queries)."
>> I assume this was a known problem but the RIPE didn't alert that all
>> the hashes have been retrieved, although there was some urgency to
>> change the passwords or to use a safer authentication method.
>>
>> When I discussed it with RIPE NCC Security, I gave a 90 day disclosure
>> policy about this "public" information, starting from the 16 Apr 2015.
>
> What public information exactly do you mean?
>
>> The 90 day period can be adjusted by adding more days at the end if
>> RIPE shows a good progress of the migration. I wanted to do
>> responsible disclosure when I saw the RIPE Responsible Disclosure
>> Policy which is a Really Good Thing, I think.
>
> What migration? RIPE has changed the database scheme to hide passwords,
> recommended all MNTners to change their password, and offers stronger
> means of authentication. What more do they need to do right now?
>
>> According to the RIPE transparency, as recommended by RIPE NCC
>> Security, therefore I am now contacting this working group to work
>> together because deprecation of MD5 is an important change in the RIPE
>> database and it must be debated in a democratic manner.
>>
>> My analysis is simple: The MD5 authentication is broken for years and
>> it's time to change to a more secure method. I think people need to
>> be encouraged to move to SSO authentication. Using MD5 now is unsafe
>> and dangerous, especially with unchanged 4 year-old passwords.
>>
>> Please share your thoughts about this situation. I will be happy to
>> debate with you.
>>
>
> At this point, I'm very curious as to:
> 1) What information do you plan to disclose in 90 days?
> 2) What do you expect of RIPE in that period?
>
> -- chris
>
>
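As an added illustration (not code from this thread, from RIPE NCC or from the RIPE database software), a small audit that parses RPSL mntner objects and reports which maintainers still rely on an MD5-PW hash as their only auth method, i.e. the objects the discussion above says should migrate to SSO or PGP. The two maintainer objects are constructed samples; names, hash and key ID are made up.

```python
# Constructed sample: two RPSL mntner objects in the form seen in a RIPE
# database dump or whois output. Names, hash and key ID are made up.
SAMPLE_MNTNERS = """\
mntner:         EXAMPLE-LEGACY-MNT
auth:           MD5-PW $1$SaltSalt$0123456789abcdefghijkl
mnt-by:         EXAMPLE-LEGACY-MNT
source:         RIPE

mntner:         EXAMPLE-MODERN-MNT
auth:           SSO admin@example.net
auth:           PGPKEY-0123ABCD
mnt-by:         EXAMPLE-MODERN-MNT
source:         RIPE
"""

def parse_rpsl(text):
    """Split RPSL text into objects, each a list of (attribute, value) pairs.
    A blank line ends an object; leading whitespace or '+' continues a value."""
    objects, current = [], []
    for line in text.splitlines():
        if not line.strip():
            if current:
                objects.append(current)
                current = []
        elif line[0] in " \t+" and current:
            attr, val = current[-1]
            current[-1] = (attr, (val + " " + line[1:].strip()).strip())
        else:
            attr, _, val = line.partition(":")
            current.append((attr.strip().lower(), val.strip()))
    if current:
        objects.append(current)
    return objects

def audit_mntners(text):
    """Return (schemes, md5_only): schemes maps each mntner name to its list of
    auth schemes; md5_only lists maintainers whose only auth method is MD5-PW."""
    schemes = {}
    for obj in parse_rpsl(text):
        name = next((v for a, v in obj if a == "mntner"), None)
        if name is None:
            continue  # not a maintainer object
        found = []
        for attr, val in obj:
            if attr == "auth" and val:
                scheme = val.split()[0].upper()
                # PGPKEY-<keyid> is one scheme family; collapse it to PGPKEY.
                found.append("PGPKEY" if scheme.startswith("PGPKEY-") else scheme)
        schemes[name] = found
    md5_only = [n for n, s in schemes.items() if s and set(s) == {"MD5-PW"}]
    return schemes, md5_only
```

Run against a full database dump, `md5_only` is the list of maintainers whose hashes would have been retrievable via single-object queries and which have no stronger method to fall back on.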