print "Me"

portable perspectives

a blog about programming, life, universe and everything

pages

ActsAsAuthenticated, insecure by default?

from gabriele renzi December 22nd, 2007 8 comments Tags:

ActsAsAuthenticathed is probably the most widely used (and deployed) plugin for managing user registration/authentication in a rails application.

As everything coming from Rick Olson it's great, giving you a complete authentication system in few steps, with a lot of tweaking points that allows you to make it suitable to your setup.

But I think the default configuration is a bit insecure.

Point is, the default encryption routine (done in #encrypt in model.rb) uses a SHA1 digest to cypher the password. But SHA1 is designed to be a fast digest function, not a password cypher. Moreover, the default password length is restricted in the 4..40 range.

Thus, supposing a user has a password with the standard characters in the [_-a-zA-Z0-9] range, the number of different combination for an acceptable password is 64^4< 17 milions.

This may seem a lot, but if you think about it is not so much, using a dumb ruby script on my old box I can find all the hashes for this kind of password in about three minutes. Yeah, in ruby, with gc kicking in and everything. Having a salt is of no importance, it just avoids finding multiple passwords at once.

Now, if you think that there are things like NSA@Home that will try all the possible passwords of 8 characters in one day (64^8 =~ 3e14), this does not sound really secure.

I'm not a security expert, but I believe this should not be like that. I'd say that to make it a bit more secure you could change the Model#encrypt method to do multiple iterations, say 

def self.encrypt(password, salt)
  cypher = password
  1000.times do 
    cypher= Digest::SHA1.hexdigest("#{salt}#{cypher}")
  end
  cypher
end

But even there, I'm not a cryptanalist so I don't know if there is something like "the n iteration of SHA1(string of k elements) may be computed in time O(log(n*k))". Cryptopeople may do stuff like that, all the time, for what I know.

So this is basically a question: is AAA slightly insecure by default? If that is true, what would you use as the encrypt function?

See all comments

AddThis Social Bookmark Button

 

Tags

Archives

Links

© 2006 Template design by Arcsin Ported by railsgrunt Register for a skinnyscore at www.blogskinny.com and increase traffic