Chats v3:Dev Notepad:Security

From PJJ Wiki

Contents 1 Ideas 2 Issues 3 Status 4 Links

Ideas

• Passwords will be stored in two fields: Salt and SHA(SHA(password)+Salt). This will prevent correlating users by their stored password, should anyone gain access to the database.
• Linked parent/child handles may share salt and hash. Not sure whether that should be the model.
• When a user changes password a new salt is generated.
• Authentication will be done with a CHAP mechanism. Each session will be assigned a random unique challenge phrase, which will be re-calculated after use (must not use same challenge twice). Login forms will be sent both the challenge phrase and the salt, and will have to reply with SHA(SHA(SHA(password)+Salt)+Challenge) which can calculated on submit using JavaScript SHA1 algorithms. In case the client has JavaScript turned off (or SHA1 doesn't work for them), they'll have to live with less security by sending their password in plaintext.

Issues

• Having both Salt and Challenge will make it a two-step login; first to say who you want to log in as so you can be sent the correct Salt, then to log in using Salt+Challenge. To make it a single-step login either Salt or Challenge must be sacrificed.
• Salt will be sacrificed, since users are encouraged to link their names which would also link the passwords, thus making the correlation point kinda moot.

Status

• Passwords are now stored only as SHA1 hashes, without salts. MD5 passwords have been removed.
• CHAP login is enabled for all regular logins.
• Auto-login needs fixing with a client-side JavaScript form-submit-thingy.

Links

• JS libraries for MD4, MD5, SHA1