Title :
On the Security of Digest Access Authentication
Author_Institution :
Sch. of Comput., Nat. Univ. of Defense Technol., Changsha, China
Abstract :
Digest Access Authentication was originally proposed to provide peer authentication and data encryption in HTTP protocols. It has been widely employed along with the deployment of SASL. In this paper, we implement a password recovery attack to Digest Access Authentication that can recover passwords as long as 48 characters in overall off-line computation about 235 MD5 compressions and 8084 on-line queries. This confirms that the security of Digest Access Authentication is totally broken, and all applications based on that must be re-evaluated seriously. Further, we prove that the security of the hashing scheme H(C||P), where H is a hash function, C is a challenge and P is a shared password, is totally dependent on the collision resistance of H, instead of the pre-image resistance. Such scheme can´t be used in challenge and response protocols to protect the shared password. Finally, we prove that some hashing schemes like H(H(C||P)) provide no more security than H(C||P), in the aspect of collision resistance.
Keywords :
cryptographic protocols; transport protocols; HTTP protocols; SASL deployment; collision resistance; data encryption; digest access authentication; digest access authentication security; hashing scheme; peer authentication encryption; preimage resistance; Authentication; Complexity theory; Educational institutions; Protocols; Resistance; Servers; Access Authentication; Challenge and Response; Collision Attack; Hash Function; Password Recovery;
Conference_Titel :
Computational Science and Engineering (CSE), 2011 IEEE 14th International Conference on
Conference_Location :
Dalian, Liaoning
Print_ISBN :
978-1-4577-0974-6
DOI :
10.1109/CSE.2011.79
