Should Nonces Be Used During Log-In?


Question

Wikipedia presents the following example of nonce-based authentication:

  1. Client requests nonce from server.
  2. Server responds with nonce (i.e., hereafter referred to as "server nonce").
  3. Client uses server nonce, its own client nonce, and user-inputted password to generate a hash.
  4. Client sends user-inputted username, client nonce, and hash to server.
  5. Server retrieves both server nonce and user password from its database, presumably via username.
  6. Server combines server nonce, client nonce and password to generate a hash.
  7. Server compares hash just generated with hash sent from client.
  8. If the hashes match, client is authenticated. If not, client is rejected.

Doesn't this imply that the server stores user passwords in plain text? In gross violation of security principles that recommend saving salted hashes of passwords rather than the actual passwords themselves?

Recommended answer

This protocol is basically a challenge–response authentication. It is used to avoid sending the actual secret (e.g., password), but the response can only be valid with knowledge of the secret. And to avoid replay attacks, a nonce is incorporated.

However, the mentioned protocol requires the server to store the secret in a retrievable form (e.g., plaintext or encrypted).

But you could change the protocol to allow the use of password hashes instead of the plaintext passwords by requiring the client to generate the same password hash:

  1. Client requests salt and nonce for user-inputted username from server.
  2. Server retrieves salt from its database, presumably via username, and responds with salt and nonce (i.e., hereafter referred to as server nonce).
  3. Client uses salt and user-inputted password to generate a password hash and uses the password hash, the server nonce, and its own client nonce to generate a nonce hash.
  4. Client sends user-inputted username, client nonce, and nonce hash to server.
  5. Server retrieves both server nonce and user password hash from its database, presumably via username.
  6. Server combines server nonce, client nonce and password hash to generate a nonce hash.
  7. Server compares nonce hash just generated with nonce hash sent from client.
  8. If the hashes match, client is authenticated. If not, client is rejected.
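
The modified protocol in the answer above, sketched end to end as an added example (not code from the original answer). It assumes PBKDF2-HMAC-SHA256 for the password hash and HMAC-SHA256 for the nonce hash, since the answer names no algorithms; `Server`, `client_login` and the sample account are hypothetical.

```python
import hashlib
import hmac
import secrets

def password_hash(password: str, salt: bytes) -> bytes:
    # Assumption: PBKDF2-HMAC-SHA256 as the salted password hash.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def nonce_hash(pw_hash: bytes, server_nonce: bytes, client_nonce: bytes) -> bytes:
    # Assumption: HMAC-SHA256 keyed with the password hash combines the values.
    # Both nonces are fixed-length (16 bytes), so concatenation is unambiguous.
    return hmac.new(pw_hash, server_nonce + client_nonce, hashlib.sha256).digest()

class Server:
    def __init__(self):
        self.users = {}    # username -> (salt, password hash); no plaintext stored
        self.pending = {}  # username -> outstanding server nonce

    def register(self, username, password):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, password_hash(password, salt))

    def challenge(self, username):
        # Steps 1-2: return the user's salt and a fresh server nonce.
        salt, _ = self.users[username]
        self.pending[username] = secrets.token_bytes(16)
        return salt, self.pending[username]

    def verify(self, username, client_nonce, response):
        # Steps 5-8: pop() makes the nonce single-use, so a replayed response fails.
        server_nonce = self.pending.pop(username, None)
        if server_nonce is None or username not in self.users:
            return False
        _, pw_hash = self.users[username]
        expected = nonce_hash(pw_hash, server_nonce, client_nonce)
        return hmac.compare_digest(expected, response)  # constant-time comparison

def client_login(server, username, password):
    # Steps 1-4 from the client's side; returns what was sent plus the verdict.
    salt, server_nonce = server.challenge(username)
    client_nonce = secrets.token_bytes(16)
    response = nonce_hash(password_hash(password, salt), server_nonce, client_nonce)
    return client_nonce, response, server.verify(username, client_nonce, response)

if __name__ == "__main__":
    srv = Server()
    srv.register("alice", "correct horse")  # constructed sample account
    print(client_login(srv, "alice", "correct horse")[2])  # valid password
    print(client_login(srv, "alice", "wrong guess")[2])    # wrong password
```

In this scheme the stored password hash is the shared secret that answers the challenge, so the user database needs the same protection a store of retrievable passwords would.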
