SYSKEY, TNG freeze, 2.0.x->TNG merge and other thoughts

Pete Chown Pete.Chown at skygate.co.uk
Thu Feb 10 11:19:19 GMT 2000 

I'll just delurk for a moment...  :-)

James Sutherland wrote:

> You missed my point there. You still end up with an 0600 file which
> controls access to all the passwords - but you also introduce the security
> hole of anyone having access to the plaintext equivalent passwords WITHOUT
> root access. OK, they are obfuscated - with a known algorithm, containing
> lots of known plaintext.

What does that buy you though?  We are not talking about a one way
function, where you could encrypt lots of passwords and see if any of
them generates a hash which is in the SAM database.

You could try differential attacks on the cipher algorithm, I
suppose.  For example, with DES if you get a really massive amount of
known plaintext you can make deductions about the key.  However,
modern algorithms are much more resistant to this type of attack.

> More to the point, this would mean including strong crypto in the Samba
> source code, thus subject to export controls.

It already contains ARC4.

> Finally: Where are when do you decrypt the data? On load - meaning keeping
> the entire SAM in (virtual) memory? Or on demand - meaning heavy CPU usage
> when synchronising databases etc?

I would suggest on demand.  Modern algorithms will easily encrypt 10Mb
per second or more -- it isn't that big an overhead.

The proposed system is not ideal.  There are much better ways of
authenticating.  For example, you can build a system where the server
only has a one-way encrypted version of the password, which is not
plaintext-equivalent, and you can prove that no information is leaked
to anyone monitoring the network during authentication.

We are, however, stuck with Microsoft's hash values.  We want to be
able to store these in LDAP databases and so on as well as in a flat
file, so we have little choice but to use the SYSKEY2 thing.  You
could use the LDAP server's access controls to prevent access to
passwords by unauthorised individuals, but you couldn't protect them
from people listening on the wire.  LDAP over TLS is not supported by
a lot of servers and is a much bigger overhead than the SYSKEY2
scheme.

----------------------------------------------------------------------
      phone +44 (0) 20 8542 7856, fax +44 (0) 20 8543 0176, post:
  Skygate Technology Ltd, 8 Lombard Road, Wimbledon, London, SW19 3TZ

More information about the samba-technical mailing list