Dropbear 2019.77
Matt Johnston
matt at ucc.asn.au
Tue Jun 29 21:37:43 AWST 2021
Hi Roy,
On Tue 29/6/2021, at 7:18 pm, roytam at gmail.com wrote:
>
>> - Make failure delay more consistent to avoid revealing valid usernames, set server password
>> limit of 100 characters. Problem reported by usd responsible disclosure team
>
> What is the technical reason of limiting server password length to
> such a low value? It is even shorter than Windows PATH_MAX which I
> think this doesn't make any sense.
>
>> - Change handling of failed authentication to avoid disclosing valid usernames,
>> CVE-2018-15599.
The problem with longer passwords is that the time taken to calculate a password crypt is dependent on the length of the password. Passwords longer than a certain length will take longer to crypt than the failure delay time - 100 characters was less than what I tried empirically.
That itself wouldn't be a problem if we could just crypt all incoming password attempts before checking a username's existence - the problem is that the password crypt algorithm can vary per user, so the time will vary too. We have to guess which algorithm to use for unknown users. So rather than adding some complicated logic I just limited the password length.
Cheers,
Matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20210629/592226d2/attachment.htm>
More information about the Dropbear
mailing list