how to properly secure non-ssl logins (php + ajax)
Lea Kissner
chialea at gmail.com
Tue Feb 17 14:34:27 EST 2009
[Moderator's note: top posting is not considered good form. --Perry]
Hi Rene,
I suspect from reading this quickly that you may not be a cryptographer. I'd
highly suggest that you borrow one for a bit before you go ahead with this.
I'm having a bit of trouble reading exactly what you want to do, but I am
fairly sure that this isn't as secure as you'd like. (Heck, I can probably
help you out with this, but not today because I'm swamped.)
Thanks,
Lea
On Sun, Feb 15, 2009 at 4:30 AM, Rene Veerman <rene7705 at gmail.com> wrote:
> Hi.
>
> Recently, on both the jQuery(.com) and PHP mailinglists, a question has
> arisen on how to properly secure a login form for a non-ssl web-application.
> But the replies have been "get ssl".. :(
>
> I disagree, and think that with a proper layout of authentication
> architecture, one can really secure a login system without having the
> administrative overhead of installing SSL everywhere, and the monetary cost
> for a SSL certificate for each domain.
>
> I wish to code such a solution into a really-free library (so probably LGPL
> or GPL + MIT) over the next 2 to 5 months.
> This library would be a complete SQL, PHP & javascript package (jQuery
> "plugged in"), targetted for the novice programmer.
>
> I'm halfway (or more?) there, i think.
> For my own CMS, i have taken the following approach, which i'd like to hear
> your improvements on:
>
> (For onewayHash() i have MD5 and SHA256 implementations in both JS and
> PHP..)
>
> //// SQL:
>
> create table users (
> user_id integer,
> user_login_name varchar(250),
> user_login_hash varchar(250),
> user_password_hash varchar(250),
> ....other fields....
> primary key (user_id)
> );
>
> create table preferences (
> pref_system_hash varchar(250)
> ....
> );
>
> //// PHP (pseudo-code) , on system installation:
> preferences.pref_system_hash = onewayHash ( randomStringLength(100) );
>
> //// PHP , on user-create:
>
> users[user_id].user_login_hash = onewayHash(user_login_name +
> preferences.pref_system_hash);
> users[user_id].user_password_hash = onewayHash ("someGooodPasswordNot" +
> preferences.pref_system_hash);
>
> //// PHP, on request of a login form:
>
> challenge = makeNewChallenge ();
> //checks since when [browser IP] has last received a new challenge,
> if < threshold : make a new challenge. else return old challenge.
> //a challenge is a random string (+ special chars) pushed through the
> onewayHash function.
>
> html = '
> <form id="loginForm">
> <input type="hidden" id="sh" name="sh"
> value="preferences.pref_system_hash">
> <input type="hidden" id="ch" name="ch" value="challenge">
> <input id="plain_user" name="plain_user"/>
> <input id="plain_pass" name="plain_pass"/>
> <input type="hidden" id="user_hash" name="user_hash"/>
> <input type="hidden" id="pass_hash" name="pass_hash"/>
> </form>
> ';
> sendHTMLtoBrowser (html);
>
> //// Javascript: on page with login form:
>
> jQuery('#loginForm').submit (function () {
> var sh = jQuery('#sh')[0]; //same for ch, plain_user, plain_pass,
> all the inputs in the html form.
> ....
>
> user_hash = onewayHash ( onewayHash ( plain_user.value + sh.value )
> + challenge );
> //same for pass_hash basically
>
> plain_user.value = ''; //clear out the plain text fields so they
> dont get transmitted (same for plain_pass ofcourse)
>
> jQuery.ajax ( /* submit login form through POST, handle results */
> )
> }
>
>
> //// PHP, on receiving the login form data:
>
> // walk through all the records in users table, for each, calculate:
> user_hash = onewayHash ( users[user_id].user_login_hash + challenge
> );
> pass_hash = onewayHash ( users[user_id].user_password_hash +
> challenge );
>
> // if they match what was sent, then it's the user we're looking for
> with the right password, so their $_SESSION['authenticated_user'] = updated.
>
> ////
>
>
> If you have a completely alternative way of securing a non-ssl login form,
> i'd like to hear about it too.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list