Passwords in a distributed system

As Sun say, "the network is the computer", so the security of passwords has to be taken in the context of networked systems where authentication will take place between components on different machines. First a little explanation:

What is security?

Security is the time and effort to subvert the system. Obviously, the level of security provided by a system is relative to the profile of the expected intruder. A simple substitution cipher may be secure against your kid sister, but not against major corporations, governments, or determined computing professionals. For the record, this writep discusses security protocols, rather than specific implementations.

The fundamental theorem of passwords A password authentication system is as secure as the password used.

This means that if the only way into the system is to subvert the password authentication process (steal the password, or somehow pretend to know the password), then the effort to break in is the effort to find out the password (Or learn how to fake it, as in a replay attack).

The components of a secure system

The password of the user (the one who is to be authenticated) must be kept secure by the user, by the authenticator (called the server), and the password must be transmitted securely between the two parties (principals).

Transmission of a password in plaintext over an insecure channel

This means sending the actual password as-is over a communication channel where anyone may easily eavesdrop. No matter how much the principals avoid revealing the password, as soon as it is transmitted over an insecure channel, a malicious party may gain the password and subvet the system.

Schemes that store or transmit passwords as plain text do not provide security: they only prevent benign parties from accidentally invoking functions that they are not intended to. This is valuable, but it is not security.

The solution is to transmit over a channel that is not vulnerable to eavesdropping nor to replay attacks. The construction of such channels may be done using many standard methods, such as ciphers and nonces, but is beyond the scope of this article.

Worse than nothing

Billing such a system as secure when it in fact is not can be worse than no security whatsoever, if there is a realistic chance of the system being attacked, as the user of the system may not take reasonable alternative steps to prevent the system being compromised, or to mitigate against the consequences of an intrusion.

Password storage

Passwords should not be stored where unauthorised users can read them, and preferably not be stored in plaintext. Sadly, the user needs to know the plaintext. For a human user, this is not a problem, as the can just remember the password and never write it down or reveal it to anyone. Of course, this is vulnerable to rubber hose attacks and dumper-truck attacks.

The "server" side is unproblematic, as it does need to know the password. Instead, it is sufficient to store a value that can be computed from one way function over the set of passwords that assigns only one password (value from the domain) to each value in its range.

The user as an automated system is problematic, as for the "user" to know the password it inherently has to be written down. The known solutions are only allowing trusted users on the computer system (this means that you have to trust your admin), and preventing all but authorised users from reading the storage where the password is, using file permissions or whatever appropriate security mechanisms are provided.

The password itself Clearly, the higher the entropy of the password, the better. A random password of sufficient length is secure. The longer the password, the more secure it is.

Unfortunately, users often find random passwords hard to memorise. Passwords which are composed of dictionary words are not very secure, if it is known or correctly surmised that they are made of such words, as the number of words of length n is significantly less than the number of character strings that may be entered from a keyboard of length n. More information about the security of passwords themselves may be found under password cracker.