tags:

views:

2301

answers:

2
+2  Q: 

md5 hash for password string in GWT/GWT-Ext?

Hi everyone,

I am currently trying to modify an existing GWT-Ext application, that is using plain text passwords in its MySql database.

My plan was to use md5 hashes, as the existing passwords can be easily altered with the MySql function and I was expecting to find an easy solution for the GWT-Ext side as well. But as I found out, java.security is not supported by GWT and there doesn't seem to be any other implementation that can be used to change the password string to a md5 hash on client side.

Only "solution" I found so far, is to re implement a md5 method via JSNI as described here: http://groups.google.com/group/Google-Web-Toolkit/browse_thread/thread/ad09475a9944c9f8

There is an existing user extension for Ext-JS, but I couldn't find anything for GWT-Ext: http://extjs.com/forum/showthread.php?p=133516

Does anybody know a more elegant/simple way to solve this problem? Maybe I should use something else instead of md5 to make sure the passwords are encrypted?

Cheers Frank

+6  A: 

Personally, I would say you're doing it wrong. I wouldn't hash a password on the client side (which is what GWT is). If you hash your password, you will undoubtedly want to salt it, otherwise you will be susceptible to rainbow attacks. If you hash + salt it on the client side, your salt will be accessible to your users.

If I were you, I would hash + salt your password on the server side. This will allow you to use your standard Java code to perform your MD5 hash.

My 2 cents.

-JP

JP  2009-08-06 17:17:09
Its not a bad scheme if he does something like cram-md5 on the client side, where the client computes a hmac (md5 hash plus a nonce salt) and sends it to the server. The down side is that the server needs clear text password to check the hmac.
Trevor Harrison  2009-08-06 18:59:02
good point about the rainbow attacks, didn't knew about this before. I also solved it by doing the encryption on the server side, but the idea was, that I wanted to encrypt the password, before sending it to the server, as we currently only use http and no https.
FrankS  2009-08-06 21:27:57
GWT is client-side and server side. Other than that, the post is good advice. Don't hash it on the client side. Have a look at http://www.owasp.org/index.php/Hashing_Java.
Don Branson  2009-09-01 12:33:05
+4  A: 

Another idea that may fit your need is something called zero knowledge auth. (Ie. the server never needs to know the user's plain text password.)

Basically, when setting the initial password, the client hashes the user's password N times (where N is a largish number like 1000), and then sends that final hash to the server along with N. The server stores the hash and N.

Later, when the user wants to authenticate, the server tells the client N-1, and the client hashes the password the user types N-1 times and sends that to the server. The server does 1 more hash on the received hash, and (hopefully) gets the stored hash. The server then stores the N-1 hash and N-1 number.

Each time the user authenticates, the server decrements the stored N and saves the previous hash.

When N gets down to 0, the user must choose and set a new password.

The server must ensure that it never asks for the same iteration, otherwise it is vulnerable to a replay. You can't really enforce that condition from the client side because the client (especially a browser) can't reliably keep track of the last N.

Trevor Harrison  2009-08-07 00:14:29
Very interesting idea, and never thought of that before. Doesn't really fit in the current solution, but I will keep it in mind for future reference, thanks :-)
FrankS  2009-08-07 07:59:20
Interesting idea so I spent some time thinking about it, but it is vulnerable to a man-in-the-middle attack.On an authentication request, the server sends some number M. The attacker sends (M-1) to the client, and receives hash(M-1) back. The attacker tries to authenticate again, receives challenge (M-1) from the server and responds with hash(M-1). The attacker is now authenticated.
rix0rrr  2010-01-06 11:14:44
yes, that does sound like an issue. My first thought would be to require the server to not reuse M after issuing it during a challenge to the client. However, the larger issue remains that Mallory could tell the client M-100, collect the hash(M-100) from the client, and then login up to 100 times with the intercepted hash. I'll have to go see if the project that I first encountered this in found the same issues and dealt with it or abandoned zero knowledge auth.
Trevor Harrison  2010-01-06 16:57:40

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java