Re: Re: Using MD5 and the theory behind it

<CITE>On the web, you might use MD5 to verify a time-limited login. When a user logs in, you make an md5 'hash' (digest) out of their login name, password, a timestamp, and some secret key only you know, and set that as a value of a browser cookie....</CITE>

Why to do this kind of terrible thing?
On my site, I just generate a random session ID and set that as a cookie. On server-side a make association of this session id with user's login name and a 'last access' timestamp. When the user returns, I just check the validity of session Id by following the association.

This has several advatages:

I do not have to compute (slow) MD5 on every request.
Cookie value (SessionId) is random, that means totaly secure. It is not based on user's password or username.
This will accomodate any authentication scheme (e.g. X.509 certs) not just plain passwords.

Comment on Re: Re: Using MD5 and the theory behind it

Replies are listed 'Best First'.
Re: Re: Re: Using MD5 and the theory behind it by eg (Friar) on Jan 10, 2001 at 23:54 UTC
One way I've used hashes is to set the verified user's cookie to be something like: `$cookie = $user_id . $delimiter . hash( $user_id, "host secret passwor +d" );` [download] So on subsequent user accesses, all I need to do is split on the $delimiter and run $user_id, "host secret password" through the hashing algorithm and compare against the hash in the cookie to verify the user. I haven't look at the code at everydevel, but it looks like perlmonks does something similar to this. This trades a (slow) database access for a (slow) hash computation, so I'm not sure if there's a real winner (or if there is, it'll be system-dependent.) Just another option to consider ...	[reply] [d/l]
Re: Re: Re: Using MD5 and the theory behind it by rpc (Monk) on Jan 11, 2001 at 04:11 UTC
Your method is not 'totally secure' because you have to store the nonce in a database. If you generate a SID from an MD5 digest based on user authentication information, this hash does not have to be stored. It can be generated when the cookie is inspected. Also if you run a large site with millions of users, your source of entropy can be depleated quickly, negating any security you would have gained.	[reply]
Re: Re: Re: Re: Using MD5 and the theory behind it by gildir (Pilgrim) on Jan 11, 2001 at 14:02 UTC
That's really an academic debate. I should argue that your scheme depends on security of MD5 algorithm and therefore cannot be more secure than MD5. History shows that even cryptographic hashes has some problems, and if I recall correctly, some of the MD-series hashes did have problems. OTOH, my scheme depends only on security of server, and if attacker can read data from server's database, it will not look at nonce, but directly at the target data stored here. Authentication is here not only for authentication itself, but for data protection, and there is no point making authentication stronger than protection of data itself. And if I have large site, my entropy pool gets exhausted by SSL subsystem in the firts place, so I will need HW crypto-card (RND-generator) anyway.	[reply]