Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!cmcl2!adm!smoke!gwyn From: gwyn@smoke.BRL.MIL (Doug Gwyn ) Newsgroups: comp.unix.wizards Subject: Re: Password security - Another idea Message-ID: <9262@smoke.BRL.MIL> Date: 2 Jan 89 05:39:15 GMT References: <228@sea375.UUCP> <4497@xenna.Encore.COM> <4537@xenna.Encore.COM> <4547@xenna.Encore.COM> Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB) ) Organization: Ballistic Research Lab (BRL), APG, MD. Lines: 48 In article <4547@xenna.Encore.COM> bzs@Encore.COM (Barry Shein) writes: >I claim you'd be better off spending your money (guards cost money, >no?) on a better door and lock rather than having to worry about the >door, the lock and the guard too now. Quite apart from the dangers of reasoning by analogy, you miss some of the points about locks and encryption that are understood by professionals (both good guys and bad guys) in those fields. Locks serve a number of functions. Ordinary residence locks should be part of an overall residence security design sufficient to convince the typical random burglar to go elsewhere where there are easier pickings. Prime targets, say for industrial espionage, should impose a net expected cost/difficulty/risk of access in excess of the value beIng protected; combining several defenses that individually aren't quite good enough generally will suffice. On other occasions, it is more important (perhaps for insurance reasons) to obtain concrete evidence of entry than to make entry harder but undetectable when it does occur. All these examples provide useful analogies for points that could be made with regard to password security. Note also that the layman, and even many locksmiths, are poor judges of what constitutes a "better" lock. I've been known to "waltz through" supposedly maximum-security locks; in one case, simply rapping a highly-rated padlock in the right spot with a piece of wood would cause it to pop open! Similarly, laymen and even the "professionals" in the open cryptological community often cannot properly evaluate the strength of a proposed cryptosystem. When I hear discussion of how long a "brute force" search would take, I tune out; sure, the system needs to be good enough under a brute-force attack, but that is by no means sufficient. In fact actual cryptanalysis normally reserves brute-force searches for those cases where more clever analytical methods have managed to drastically narrow the space to be searched. Time and time again, "proven secure" cryptosystems have been cracked by good cryptanalysis. The moral, if there is one, is that it is hard to reliably judge matters of security, and one should enlist the aid of experienced security defeaters in the process (preferably professionals). The other major point is that combination of several good defenses can result in an excellent defense. Thus, making the encrypted passwords unreadable is much better than either leaving them readable or using a shadow file of unencrypted passwords.