Re: IETF LC Gen-ART review of draft-harkins-salted-eap-pwd-06

2016-09-09 14:38:43
Daniel Harkins <dharkins(_at_)arubanetworks(_dot_)com> writes:
It might be worth noting that any salted password remote authorization
protocol has the same limitation as this draft's method, viz., that
disclosure of the hash of the salted password allows an attacker to
impersonate a client.  That is, that this method is not somehow
deficient because it also has that property.

  I don't think that is true. The client needs to know the password, not the salted hash.

Maybe I'm misunderstanding you, but I think you're incorrect.  Indeed,
your draft says 

   the salted password from a compromised database can be used directly
   to impersonate the EAP-pwd client

The reason that this impersonation can be done is that this is a
*remote* authorization protocol, and there is no way for the server to
compel the attacker to hash what the attacker knows with the salt and
then transmit the result.  Whereas in a *local* authorization protocol,
the server compels the user to present the supposed password, and then
the server hashes it with the salt.

Dale
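The remote-versus-local distinction Dale draws above, as an added illustration that is not part of this thread and is not the EAP-pwd protocol: a deliberately simplified, hypothetical challenge-response scheme in which the server stores H(salt || password) as the verifier and a remote prover answers a nonce with an HMAC keyed by that verifier. Whoever holds the database row (salt, verifier) produces a valid remote response without ever learning the password, because the server has no way to compel the prover to start from the password. A local check, where the server itself salts and hashes whatever is presented, rejects the verifier when it is offered in place of the password. The scheme, the function names, and the sample password and salt are all constructed for this example.

```python
import hashlib
import hmac
import os

# Constructed sample credential and salt; not taken from the draft or the thread.
SAMPLE_PASSWORD = b"correct horse battery staple"
SAMPLE_SALT = bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90")


def derive_verifier(salt: bytes, password: bytes) -> bytes:
    """Stored verifier: what the server's database holds for this user.

    Hypothetical construction H(salt || password). A real design would use a
    slow password hash, but the remote/local distinction below is unchanged.
    """
    return hashlib.sha256(salt + password).digest()


def remote_response(verifier: bytes, nonce: bytes) -> bytes:
    """Prover's answer in the hypothetical remote protocol.

    The server only sees that the response is keyed by the verifier; it
    cannot tell whether the prover derived it from the password or held it.
    """
    return hmac.new(verifier, nonce, hashlib.sha256).digest()


def remote_client(salt: bytes, password: bytes, nonce: bytes) -> bytes:
    """Honest client: derives the verifier from the password and the salt it
    was given, then responds. The password itself never leaves the client."""
    return remote_response(derive_verifier(salt, password), nonce)


def server_verify_remote(stored_verifier: bytes, nonce: bytes, response: bytes) -> bool:
    """Server side of the remote protocol: recompute using the stored verifier."""
    expected = remote_response(stored_verifier, nonce)
    return hmac.compare_digest(expected, response)


def local_verify(stored_salt: bytes, stored_verifier: bytes, presented: bytes) -> bool:
    """Local verification: the server salts and hashes whatever the user
    presents, so offering the verifier in place of the password fails."""
    return hmac.compare_digest(derive_verifier(stored_salt, presented), stored_verifier)


def demo() -> dict:
    """Run both settings against the same (constructed) leaked database row."""
    verifier = derive_verifier(SAMPLE_SALT, SAMPLE_PASSWORD)
    nonce = os.urandom(16)
    leaked_salt, leaked_verifier = SAMPLE_SALT, verifier  # a compromised DB row
    return {
        "remote_honest_client": server_verify_remote(
            verifier, nonce, remote_client(SAMPLE_SALT, SAMPLE_PASSWORD, nonce)
        ),
        # The row alone suffices remotely: the password is never needed.
        "remote_with_leaked_verifier": server_verify_remote(
            verifier, nonce, remote_response(leaked_verifier, nonce)
        ),
        "local_with_password": local_verify(leaked_salt, verifier, SAMPLE_PASSWORD),
        # Locally the verifier is re-hashed with the salt and does not match.
        "local_with_leaked_verifier": local_verify(leaked_salt, verifier, leaked_verifier),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The defensive consequence is the one the draft itself states: in a remote scheme of this shape, a verifier database must be protected, and rotated after compromise, exactly as if it held the passwords.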
