Skip site navigation (1) Skip section navigation (2)

Re: Proposal for encrypting pg_shadow passwords

From: "Joe Conway" <joseph(dot)conway(at)home(dot)com>
To: "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, "PostgreSQL-development" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Proposal for encrypting pg_shadow passwords
Date: 2001-06-26 04:30:43
Message-ID: 00b501c0fdf8$c399d7d0$0705a8c0@jecw2k1 (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
> -----------------
> The solution for encrypting pg_shadow passwords is to encrypt using a
> salt when stored in pg_shadow, and to generate a random salt for each
> authentication request.  Send _both_ salts to the client, let the client
> double encrypt using the pg_shadow salt first, then the random salt, and
> send it back.  The server encrypt using only the random salt and
> compares.

I posted something on this a few weeks ago. See for details, but the
summary is that it would be better (IMHO) to use HMAC for authentication.
HMAC has
been mathematically proven to be as secure as the underlying hash algorithm
Here's the reference for HMAC --

It would actually work almost identically to what you've described. Store
the password as a hash using MD5 and some salt. Send the password salt and a
random salt to the client. The client uses the password salt with MD5 (and
local knowledge of the plaintext password) to reproduce the stored password,
then calculates an HMAC of the random salt and sends it back. The server
also calculates the HMAC of the random salt using the stored hashed
password, and compares.

Just my 2 cents . . .

-- Joe

In response to


pgsql-hackers by date

Next:From: Jim MercerDate: 2001-06-26 04:33:20
Subject: Re: Encrypting pg_shadow passwords
Previous:From: Bruce MomjianDate: 2001-06-26 04:20:40
Subject: Re: Encrypting pg_shadow passwords

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group