"Juniper's VPN security hole is proof that govt backdoors are bonkers"
What’s wrong with these people?
Is it because mathematics has been dropped from the engineering syllabus at universities, or is it because everyone employs the same incompetent security people to do the architecture of their security system?
Making the whole thing bulletproof is easy, and I’ll explain how it’s done – if only to show how little understanding there is of basic principles.
First, this is a two-part process, so pay attention to the two Important Parts, and how they support each other.
To make it work, you need to store the hash (SHA256, preferably) of the password in your database. So far, so good – this is the way Unix, and even Microsoft does it.
Next, to authenticate the user, you need a public key exchange protocol, the best of which is Diffie-Hellman. Here’s Important Bit Number One: With each connection, you throw away the private keys, and generate new public keys.
Once you have a secure connection, you encrypt the transmission in both directions, using the private key, and AES256, then send the user this kind of matrix:
The user enters the pattern of ones and zeros, which correspond to his password, encrypts the result with his private key. Now here’s Important Bit Number Two: The pattern of ones and zeros is random, and different with each login attempt.
At the server, we take the matrix components, and brute-force the received solution, taking the hash of each solution, and comparing it with all the database entries.
Note the following:
1. There are no encryption keys left on either end of the system
2. The clear password doesn’t exist at either end of the system, and is never transmitted.
3. Theft of the database yields the hacker a lot of meaningless hash values
4. Nobody on the inside – not even root – can compromise the system.
5. If the hacker tries to brute-force the encryption, it’ll take 10^23 years to get the private keys. These will be useless after the current session is terminated and, by that time, dinosaurs will have returned to the earth.
6. If the hacker succeeds in solving the Discrete Logarithm Problem in less than 10^23 years, he then has to hack the password from the random pattern of ones and zeros. If he succeeds, he won’t know he’s succeeded, since he won’t know which of the hashes corresponds to each hack result.
Also, guess what? That solution is only good until the current session terminates. Then, he has to start again
I submit that this is totally bulletproof, and don’t buy the surmise that ‘everyone will get hacked sometime’
This is actually available as a commercial product, but since this is just a technical rant, instead of telling you where to get it, I’ll merely suggest that you drop me an email.