Re: MD5 passwords explained (was Re: md5 hash question (2))

From: Çağıl Şeker <cagils(at)biznet(dot)com(dot)tr>
To: "PostgreSQL-General-List (E-mail)" <pgsql-general(at)postgresql(dot)org>
Subject: Re: MD5 passwords explained (was Re: md5 hash question (2))
Date: 2002-12-10 10:06:26
Message-ID: 94327A2FE8C87C4C89A82DBE9E7B2B3F08688D@beetle.biznet.com.tr
Lists: pgsql-general

> -----Original Message-----
> From: Magnus Naeslund(f) [mailto:mag(at)fbab(dot)net]
>
> There seems to be some confusion regarding the md5
> authentication method
> used in postgresql, and i thought it might be good if i typed this
> message so that it can be referred to if anyone asks these questions
> again.
>
> Someone will surely correct me if i'm wrong :)
>
> The password in the database is stored like this:
>
> md5passwd = "md5"+md5(cleartxtpasswd+user);

--- Here something must be wrong ---
I've created a user 't' with the passwd 't'. The md5 shadow is:

"md5accc9105df5383111407fd5b41255e23"

Then:

echo "tt" | md5sum
"821ccb7eb5157bb2ab3727dc2845d62b"

echo "t+t" | md5sum
6860f8721849d643fe95e0b65a423341

which is different.

>
> When connecting and authenticating this happens:
>
> The server generates a random salt (nonce) and sends it to
> the client.
>
> md5salt = 4 random chars
>
> The client then does this:
>
> md5hash = md5(md5(cleartxtpasswd+user)+md5salt)
>
> and sends it to the server.
>
> The server then does the same on its side and compares the
> result with
> the hash gotten from the client. If they match the password
> is correct.
>
> This is standard MAC / shared secret stuff.
>
> It's done to avoid sending clear text passwords (or even the
> stored md5
> password, to prevent brute force cracking) over the wire.
>
> Regards
> Magnus
>
>

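The scheme quoted above, worked through in Python as an added example (not code from the thread or from PostgreSQL itself), and checked against the two values the poster reports: the shadow for user 't' / password 't', and what `echo "tt" | md5sum` printed. The salt is assumed to be 4 raw bytes; the "md5" marker the real client also prefixes to its response is left out to match the quoted description.

```python
import hashlib
import hmac
import os

MARKER = "md5"  # prefix PostgreSQL puts on stored md5 passwords


def stored_md5_password(password: str, user: str) -> str:
    """Shadow entry as stored: "md5" + md5(password || user)."""
    return MARKER + hashlib.md5((password + user).encode()).hexdigest()


def client_response(password: str, user: str, salt: bytes) -> str:
    """What the client sends: md5(md5(password || user) || salt)."""
    inner = hashlib.md5((password + user).encode()).hexdigest()
    return hashlib.md5(inner.encode() + salt).hexdigest()


def server_verify(shadow: str, salt: bytes, response: str) -> bool:
    """Server side: the stored shadow alone is enough to check the response,
    so the cleartext password never has to be on the server."""
    if not shadow.startswith(MARKER):
        return False
    inner = shadow[len(MARKER):]
    expected = hashlib.md5(inner.encode() + salt).hexdigest()
    return hmac.compare_digest(expected, response)


def shell_echo_pitfall(text: str) -> str:
    """md5 of text plus the newline that `echo` appends: this is what
    `echo "tt" | md5sum` actually hashes, hence the poster's mismatch."""
    return hashlib.md5((text + "\n").encode()).hexdigest()


if __name__ == "__main__":
    # Constructed inputs matching the poster's test user.
    shadow = stored_md5_password("t", "t")
    salt = os.urandom(4)  # server-generated nonce, 4 bytes (assumed)
    print("stored shadow:", shadow)
    print("echo pitfall :", shell_echo_pitfall("tt"))
    print("login ok     :", server_verify(shadow, salt, client_response("t", "t", salt)))
```

Because the server only needs the shadow to verify a login, a copy of the shadow is as good as the password for answering the challenge; the salt stops replay of a captured response but does not protect a leaked pg_shadow.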