[keycloak-dev] Zero-knowledge proof of password?
Bill Burke
bburke at redhat.com
Wed Mar 8 20:45:41 EST 2017
So, you want to create the hash in the browser or proxy, then transmit
this to Keycloak. Keycloak compares the hash to the precalculated hash
it has stored? I don't see how this is any more secure. You're still
passing the credential (the hash) in clear text.
BTW, I think other issues that make things more complex with client
hashing is if
* You need to bump up the number of hashing iterations. (recommended
value changes every 5 years or so)
* Change the hashing algorithm. (SHA-1 was just broken).
On 3/8/17 6:45 PM, Niels Bertram wrote:
> Hi Peter, your security is only ever as good as the weakest link. Given you transmit the password using SSL up to your VPC why would you need to "strengthen" (obfuscate rather) the password from there to the keycloak socket? From what I have seen there are 2 ways to proxy a message, 1) to tunnel the SSL or 2) reencrypt it in the proxy. Maybe 1) is an option for you as this setup would not decrypt your message ... although this comes with other drawbacks. I am intrigued as to what exactly you are trying to achieve by modifying the messages on the way though a proxy. Any chance you could elaborate on your security requirement?
>
>> On 8 Mar. 2017, at 23:33, Peter K. Boucher <pkboucher801 at gmail.com> wrote:
>>
>> Sorry, I should have described our scenario more thoroughly.
>>
>> We have one of these at the border of our VPC:
>> https://en.wikipedia.org/wiki/TLS_termination_proxy
>>
>> We can accept the risk of data being transmitted in the clear inside the
>> VPC, but we would prefer that passwords not be transmitted in the clear.
>>
>> It's an old problem. NTLM also used a proof of the password rather than
>> transmitting the password for similar reasons.
>>
>> We could force that TLS be used inside the VPC between the TLS termination
>> proxy and Keycloak, but even then, the passwords are decrypted and then
>> re-encrypted.
>>
>> We are considering trying to use something like the client-side hashing
>> described here: https://github.com/dxa4481/clientHashing
>>
>> The question for this group was related to whether anyone has already
>> developed anything along these lines for use with Keycloak.
>>
>> Thanks!
>>
>>
>> -----Original Message-----
>> From: keycloak-dev-bounces at lists.jboss.org
>> [mailto:keycloak-dev-bounces at lists.jboss.org] On Behalf Of Bill Burke
>> Sent: Tuesday, March 7, 2017 6:06 PM
>> To: keycloak-dev at lists.jboss.org
>> Subject: Re: [keycloak-dev] Zero-knowledge proof of password?
>>
>> What does that even mean? Keycloak's SSL mode can forbid non SSL
>> connections. FYI, OIDC requires SSL.
>>
>>
>>> On 3/7/17 4:22 PM, Peter K. Boucher wrote:
>>> Suppose you don't want your passwords transmitted in the clear after SSL
>> is
>>> terminated by a proxy.
>>>
>>>
>>>
>>> Has anyone developed a secure way for the client to prove they have the
>>> password, rather than transmitting it in the body of a post?
>>>
>>> _______________________________________________
>>> keycloak-dev mailing list
>>> keycloak-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list