Update for 02-02-22 14:45

This commit is contained in:
Tyler Perkins 2022-02-02 14:45:01 -05:00
parent 3f68debd82
commit 390f012fa9
3 changed files with 30 additions and 0 deletions

View File

@ -22,6 +22,12 @@ Derived requirements from this,
== means of authentication == == means of authentication ==
* password/pin * password/pin
* ID that goes with password must be unique
* Vulns
* dictionary
* popular password
* password guessing against 1 user
* Social engineering password out of user
* physical token (IE smart card) * physical token (IE smart card)
* static biometrics (IE finger/face) * static biometrics (IE finger/face)

View File

@ -30,6 +30,7 @@ Hiding information
* [[Signatures]] * [[Signatures]]
* [[digital_authentication]] * [[digital_authentication]]
* [[unix_password]]
=== Misc === === Misc ===

23
tech/unix_password.wiki Normal file
View File

@ -0,0 +1,23 @@
= unix password scheme =
== logging in ==
* Take password and salt into hash function
* store it into a local file including
* user id
* salt
* hash
== logging out ==
* User id is fetched as well as salt
* given password is hashed with salt
* compare stored hash against outputted hash
== Improvements ==
* Use MD5 hash
* 48 bit salt
* password length is unlimited
* 128bit hash
* Uses inner loop with 1000 iterations