[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Hashed password behaviour

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Hashed password behaviour
From: teor <teor2345@xxxxxxxxx>
Date: Sun, 15 Oct 2017 07:49:38 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 15 Oct 2017 07:49:55 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:content-transfer-encoding:mime-version:date:subject:message-id :references:in-reply-to:to; bh=1AbVhORPL8GGIKP5RCNTJd8a8uYA0f292Kg6JM8LaKQ=; b=XGW2pYTqP7iNQ+dm9FQbboFlXoGcMXH+R/UVKxXFHawq1RU67kUXjHx4bRwnjLvJss zk5z62z+z3PhmBqe5P5MqRf8ethot8+wDSOq4ONvoyuTBLxw5Z4u7m0Yc39gwYdlf0dc 828/V6wM/5372m+/jtsFAWsGCktX3KWNebVet6AcQbZU3sy/c3ovz0TLVOsRIRxd/8+1 qxUDlMTBymCqx75fUCaubthj/c3M+pgalBuked/vB2Ob5NboLLh23rWvdtYp5HBN0Adt Z5/9Xu5MNHUKyHe/y9kYpErZArw1Vi1bBU7ZuGaH+V+BhVcRhwgr/wEdiQwf6N/WyzKV iZ+g==
In-reply-to: <1508066790.708037.1139266128.0656BD44@webmail.messagingengine.com>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <1508027632.3892598.1139001208.0C6D3CAA@webmail.messagingengine.com> <408B5C82-2B57-437A-8512-B40520249F5E@gmail.com> <1508066790.708037.1139266128.0656BD44@webmail.messagingengine.com>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On 15 Oct 2017, at 07:26, Geoff Down <geoffdown@xxxxxxxxxxxx> wrote:

On Sun, Oct 15, 2017, at 01:51 AM, teor wrote:

On 14 Oct 2017, at 20:33, Geoff Down <geoffdown@xxxxxxxxxxxx> wrote:

Hello all,
what sort of crazy bug would make Tor give different hashes for the same
password?

$ tor --hash-password hello
16:735E6FA5355D4146606AFE25B61B411DF419878C99705164D038FC99BC
$ tor --hash-password hello
16:8201E7D35BB8CACB60BF8947B49A3480BA1A17E77EDA8BE45790746884
$ tor --version
Tor version 0.3.1.7 (git-6babd3d9ba9318b3).

This is normal behaviour for salted hashes.

But which one then goes in the torrc?

Either.

If one doesn't work, that's a bug (or there's an extra space in the password).

And how then can the password sent to the control port be matched if its
hash changes?

HashedControlPassword contains algorithm,salt,hash(algorithm,salt,password)

The password is hashed with the salt using an algorithm, and the hash is

matched against hash(algorithm,salt,password).

Surely a salted hash has to use the same salt every time?

No, it's precisely the opposite: a salted hash provides protection

*because* it uses a different salt every time. This protects against

rainbow tables, which contain hashes of common password strings

(or in some cases, all sufficiently short strings).

Some background that may be helpful:

https://en.m.wikipedia.org/wiki/Salt_(cryptography)

T

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Hashed password behaviour
  - From: Geoff Down

References:
- [tor-relays] Hashed password behaviour
  - From: Geoff Down
- Re: [tor-relays] Hashed password behaviour
  - From: teor
- Re: [tor-relays] Hashed password behaviour
  - From: Geoff Down

Prev by Author: Re: [tor-relays] Testing Golang relay implementation
Next by Author: Re: [tor-relays] Relay DDoS attack?
Previous by thread: Re: [tor-relays] Hashed password behaviour
Next by thread: Re: [tor-relays] Hashed password behaviour
Index(es):
- Author
- Thread