tmwserv Password Encryption Patch

Content and general development discussion, including quest scripts and server code. TMW Classic is a project comprising the Legacy tmwAthena server & the designated improved engine server based on evolHercules.


Forum rules

This forum houses many years of development, tracing back to some of the earliest posts that exist on the board.

Its current use is for the continued development of the server and game it has always served: TMW Classic.

User avatar
leeor_net
Novice
Novice
Posts: 180
Joined: 03 Feb 2008, 09:17
Location: Ohio, USA
Contact:

tmwserv Password Encryption Patch

Post by leeor_net »

I don't know if the dev's have considered using an encryption algorithim instead of sending and storing passwords in plain text so I took the liberty of creating a patch that addresses just that.
tmw_md5.zip
(9.55 KiB) Downloaded 121 times
- Leeor

"Oh, no thanks. I ate a boulder on the way in." - Shrek
User avatar
Jaxad0127
Manasource
Manasource
Posts: 4209
Joined: 01 Nov 2007, 17:35
Location: Internet

Re: tmwserv Password Encryption Patch

Post by Jaxad0127 »

This is also being discussed in Mantis 92. This is being looked at the for the new server (doing it under the current server would be troublesome).
Image
User avatar
trapdoor
Novice
Novice
Posts: 216
Joined: 18 Feb 2007, 12:36

Re: tmwserv Password Encryption Patch

Post by trapdoor »

MD5 is not even close to being sufficient.

I would suggest using SHA-1 (used in SSL) or maybe even SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512).

--
trapdoor
User avatar
leeor_net
Novice
Novice
Posts: 180
Joined: 03 Feb 2008, 09:17
Location: Ohio, USA
Contact:

Re: tmwserv Password Encryption Patch

Post by leeor_net »

This is a patch for the new tmwserve (SVN revision 3997, client and server trunk). I don't dare touch eathena.

As for the MD5 security, it's, at the very least, a start. It's certainly a lot better than the plain-text transmission and storage that's currently implemented. And yes, I'm aware that I could use a randomly generated sha-1 salt which I could then attach to the MD5 checksum in some way. I've seen a variety of ways to do this.

I was hoping that this patch would be useful in some way but if the dev's are already working on something this may be a waste of time.
- Leeor

"Oh, no thanks. I ate a boulder on the way in." - Shrek
User avatar
Crush
TMW Adviser
TMW Adviser
Posts: 8046
Joined: 25 Aug 2005, 16:08
Location: Germany

Re: tmwserv Password Encryption Patch

Post by Crush »

leeor_net wrote:And yes, I'm aware that I could use a randomly generated sha-1 salt which I could then attach to the MD5 checksum in some way.
I think you misunderstood something. SHA-1 is an alternative for MD5, not a supplement.
  • former Manasource Programmer
  • former TMW Pixel artist
  • NOT a game master

Please do not send me any inquiries regarding player accounts on TMW.


You might have heard a certain rumor about me. This rumor is completely false. You might also have heard the other rumor about me. This rumor is 100% accurate.
User avatar
leeor_net
Novice
Novice
Posts: 180
Joined: 03 Feb 2008, 09:17
Location: Ohio, USA
Contact:

Re: tmwserv Password Encryption Patch

Post by leeor_net »

I know.

A common way of salting passwords that I've seen is to get an MD5 hash from the password, randomly generate a salt and get an sha-1 hash from the salt. Then it's just a matter of tacking each one together.

I have a few ideas I'm going to persue including using the whirlpool hashing functions so I'll get those working whenever I have a bit of time to actually do it.
- Leeor

"Oh, no thanks. I ate a boulder on the way in." - Shrek
User avatar
Crush
TMW Adviser
TMW Adviser
Posts: 8046
Joined: 25 Aug 2005, 16:08
Location: Germany

Re: tmwserv Password Encryption Patch

Post by Crush »

When you have seen it a lot then maybe there are already precalculated rainbow tables for this method.

It is also not really a critical improvement. When you want to brute force a password which is salted by its own hash you just need twice as much time. Not really a critical security improvement.

When you use a salt to avert rainbow table attacks it should be something that has nothing to do with the password. My idea was to use the username as a salt. I can imagine rainbow tables for common passwords but not for common password- and username combinations.
  • former Manasource Programmer
  • former TMW Pixel artist
  • NOT a game master

Please do not send me any inquiries regarding player accounts on TMW.


You might have heard a certain rumor about me. This rumor is completely false. You might also have heard the other rumor about me. This rumor is 100% accurate.
User avatar
Rotonen
TMW Adviser
TMW Adviser
Posts: 3154
Joined: 08 Sep 2004, 19:48
Location: Bern, Switzerland

Re: tmwserv Password Encryption Patch

Post by Rotonen »

Also SHA-1 has been compromised lately to provide a significantly smaller subset of guesses for the bruteforce attempt.

From decent modern-ish encryption standards, I'd go for some SHA-2 variant, blowfish/twofish or AES. Favoring blowfish out of these for the lightness, though.
This message used to be meaningful.
User avatar
Crush
TMW Adviser
TMW Adviser
Posts: 8046
Joined: 25 Aug 2005, 16:08
Location: Germany

Re: tmwserv Password Encryption Patch

Post by Crush »

Blowfish, Twofish and AES are symmetric key encryption algorithmns, not hash algorithmns. That's something completely different (symmetric key encryption is supposed to be decryptable with the same key used for encryption while hash functions include loss of information and thus can not be reversed).

The SHA2 family is currently the state of the art regarding hash functions.
  • former Manasource Programmer
  • former TMW Pixel artist
  • NOT a game master

Please do not send me any inquiries regarding player accounts on TMW.


You might have heard a certain rumor about me. This rumor is completely false. You might also have heard the other rumor about me. This rumor is 100% accurate.
User avatar
Rotonen
TMW Adviser
TMW Adviser
Posts: 3154
Joined: 08 Sep 2004, 19:48
Location: Bern, Switzerland

Re: tmwserv Password Encryption Patch

Post by Rotonen »

This will soon offtopic into "hashing the data versus encrypting the data". :roll:

http://searchsqlserver.techtarget.com/t ... 99,00.html
This message used to be meaningful.
User avatar
Crush
TMW Adviser
TMW Adviser
Posts: 8046
Joined: 25 Aug 2005, 16:08
Location: Germany

Re: tmwserv Password Encryption Patch

Post by Crush »

I don't think so. The only confidential data in our database are the passwords and regarding passwords hashing is more intelligent than encrypting.

When you can hack our server to steal the encrypted passwords you can also steal our encryption key and decrypt the database.

When passwords are hashed, on the other hand, there is no way to get the clear text passwords from the database, not even by a rogue administrator or sophisticated social engineering.
  • former Manasource Programmer
  • former TMW Pixel artist
  • NOT a game master

Please do not send me any inquiries regarding player accounts on TMW.


You might have heard a certain rumor about me. This rumor is completely false. You might also have heard the other rumor about me. This rumor is 100% accurate.
User avatar
Rotonen
TMW Adviser
TMW Adviser
Posts: 3154
Joined: 08 Sep 2004, 19:48
Location: Bern, Switzerland

Re: tmwserv Password Encryption Patch

Post by Rotonen »

Can still think of grid configurations in which it could come useful, but I guess the implementation is not our headache.
This message used to be meaningful.
User avatar
Jaxad0127
Manasource
Manasource
Posts: 4209
Joined: 01 Nov 2007, 17:35
Location: Internet

Re: tmwserv Password Encryption Patch

Post by Jaxad0127 »

Where is the hashing going to occur, client, server, or both?
Crush wrote:I don't think so. The only confidential data in our database are the passwords and regarding passwords hashing is more intelligent than encrypting.

When you can hack our server to steal the encrypted passwords you can also steal our encryption key and decrypt the database.
If it's just the client, hacking the database would give them every account. Using two different algorithms, one for the client and one for the server, would be an idea.
Image
User avatar
leeor_net
Novice
Novice
Posts: 180
Joined: 03 Feb 2008, 09:17
Location: Ohio, USA
Contact:

Re: tmwserv Password Encryption Patch

Post by leeor_net »

My implementation is exclusively through the Client as sending any plain-text data over the internet is a security nightmare. Doing all of the hashing/encryption client side makes it entirely the responsibility of the client.

The problem at this point comes in creating a secure hashing scheme that is not vulnerable to what are called rainbow attacks. Personally I hate that people have actually developed these tables -- at the same time, they are a blessing in disguise because they show just how vulnerable hashing functions are, particularly MD5 (havn't done any research into vulnerabilities and rainbow attacks with other hashes).

Anyway, there are various ways to defeat these tables but they are so effective because so many people use really simple, easy to remember passwords.

Passwords and various methods of securing them is a discussion that could easily fill several books and an entire college semester. For the purposes of TMW and my project, basic security is sufficient. My current implementation does indeed need work though but for now the basic MD5 hash is good enough for testing purposes.

Went on a bit of tangent, didn't I? :oops:
- Leeor

"Oh, no thanks. I ate a boulder on the way in." - Shrek
User avatar
Crush
TMW Adviser
TMW Adviser
Posts: 8046
Joined: 25 Aug 2005, 16:08
Location: Germany

Re: tmwserv Password Encryption Patch

Post by Crush »

Rainbow tables aren't hard to beat.

You just have to append a salt string to the password which is unique for your application before hashing and a rainbow table has to be created especially for your application (and unless your application is very widely used this is not worth doing).

When you also have some mechanism which allows to add a different salt to each password rainbow tables become completely unuseable.

For TMW we could create the password hash (client-sided) by concatenating Password + Username + Server hostname and hashing then. This would also make sure that the server admin can't use your hash to log in on a different server where you have the same username and password. The only problem is that when the server changes its hostname all passwords become invalid.
  • former Manasource Programmer
  • former TMW Pixel artist
  • NOT a game master

Please do not send me any inquiries regarding player accounts on TMW.


You might have heard a certain rumor about me. This rumor is completely false. You might also have heard the other rumor about me. This rumor is 100% accurate.
Post Reply