Re: It's not possible to allow non-OPIE logins only from trusted

On Sun, 13 Mar 2011 21:06:17 +0000
Miguel Lopes Santos Ramos <mbox@miguel.ramos.name> wrote:

>=20
> Seg, 2011-03-14 =E0s 07:40 +1100, Peter Jeremy escreveu:
> > On 2011-Mar-10 23:09:07 +0000, Miguel Lopes Santos Ramos
> > <mbox@miguel.ramos.name> wrote:
> > >- The objection on S/KEY on that wiki page, that it's possible to
> > >compute all previous passwords, is a bit odd, since past passwords
> > >won't be used anymore.
> >=20
> > One weakness of S/KEY and OPIE is that if an attacker finds the
> > password (response) for sequence N then they can trivially determine
> > the response for any sequence > N.  This could occur if (eg) you
> > have a printout of OPIE keys and are just crossing them off (which
> > was a common recommendation prior to smart phones etc) - an
> > attacker just needs to memorise the lowest N and response.
>=20
> Ok, admittedly, it took me a while to see in what way that could be a
> weekness. It's a bit like hoping for a little remaining security after
> the password list was compromised.

It means they can compute keys that they already have on the printout
plus obsolete keys. In what sense is that a weakness?

IIRC there is/was a weakness in FreeBSD's OPIE implementation in that
it's susceptible to rainbow table attacks - I think part of the hash
is discarded.

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"