Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-32618

PARSEC Authentication Plugin

    XMLWordPrintable

Details

    Description

      New auth plugin:

      • uses KDF (try to use what openssl provides)
      • salted
      • uses server- and client-side scrambles
      • set as default auth plugin
      • ed25519 based? (or try to use what openssl provides)
      • support old hashes?

      reduce roundtrips:

      • set as default (MDEV-12320)
      • allow clients to provide the salt (--plugin-salt=XXX)
        • if it's incorrect — connection fails.
        • PASSWORD() returns the salt in a Note
      revised idea

      Password generation and storage

      • the KDF function is pbkdf2 (supported by everything, including windows native, Java, javascript, PHP, .NET
      • parameters to the pbkdf2 are stored in with authentication plugin data : hash function (SHA512,SHA256), iteration count, salt, key_length, together with derived key = PBKDF2(func, password, salt, iteration_count, key_length)
      • number of iterations is a power of 2, greater than 9
      • the algorithm is ed25519, "hash" is the public key generated using ed25519 from the PBKDF2(password)

      The authentication string, stored by the server, is

      concat('P', conv(log2(iterations)-10, 10, 62), ':', base64(salt), ':', base64(hash))

      that e.g. P0:WW9sXaaL/o:vubFBzIrapbfHct1/J72dnUryz5VS7lA6XHH8sIx4TI

      • it consists of colon-separated fields
      • first field is 'P' (denotes KDF algorithm = PBKDF2) and the number of iterations, '0' means 1024, '1' means 2048, etc
      • then salt
      • then the password hash

      Let's call everything except the password hash the ext-salt, in the example above it's P0:WW9sXaaL/o

      Login process, packet exchange

      1. Server sends the welcome packet with a 32-byte random scramble

      2 . if the ext-salt was specified in the .my.cnf, the client skips to step 4, otherwise it sends the user name (and nothing else) to the server

      3. Server sends the ext-salt to the client

      4. Client sends the random 32-byte scramble, and the concat(server scramble, client scramble) ed25519-signed by a secret key generated from the PBKDF2(password, ext-salt)

      5. Server replies with "ok" or "acces denied"

      first idea

      Rough idea

      • the KDF function is pbkdf2 (supported by everything, including windows native, Java, javascript, PHP, .NET
      • parameters to the pbkdf2 are stored in with authentication plugin data : hash function (SHA512,SHA256), interation count, salt, key_length, together with derived key = PBKDF2(func, password, oalt, iteration_count, key_length)

      Login process, packet exchange

      1. Server sends ServerPluginParameters message with hash function, interation count, salt, key_length.
      This is the only unencrypted message during entire exchange

      2 . Client computes derived key from password and parameters:
      derived_key= PBKDF2(hash_func, password, salt, iteration_count, key_length)
      Client sends ServerVerificationChallenge = AES_ENCRYPT(client_scramble,derived_key) to server

      3. server decrypts ServerVerificationChallenge and sends

      ServerVerificationResponse = AES_ENCRYPT(concat(server_scramble,client_scramble)), derived_key))

      4. client verifies AES_DECRYPT(ServerVerificationResponse, derived_key) =concat(server_scramble,client_scramble).
      If they don't match, client could not verify the server, and error is reported.

      Client still has to prove it has the password, not just the derived key
      So it sends
      ClientEncryptedPassword message = AES_ENCRYPT(concat(hash_func(password),server_scramble,client_scramble)),derived_key)

      5. Server verifies the client
      a) tmp = AES_DECRYPT(ClientEncryptedPassword. derived_key)
      b) hashed_password=substr(tmp, hash_length)
      c) derived_key2 = PBKDF2(hash_func, hashed_password, salt, iteration_count, key_length)
      and compares derived_key and derived_key2 for equality, (due to the HMAC_collisions property of pbkdf2, password and hash_func(password) would produce the same keys)
      Server sends OK or ERR packet

      Attachments

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. MDEV-34424 Replica server crashes with an invalid pointer when using a user created with the PARSEC plugin for replication

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-34742 parsec client doesn't build on OS X

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-34743 PARSEC client doesn't work on Windows

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-34854 Parsec sends garbage when using an empty password

          • Blocker - Blocks development and/or testing work, production could not run.
          • Stalled
          is blocked by

          Task - A task that needs to be done. MDEV-35254 PARSEC plugin should allow DBAs to specify number of iterations

          • Major - Major loss of function.
          • Open
          relates to

          New Feature - A new feature of the product, which has yet to be developed. CONC-705 support plugin->options() method

          • Major - Major loss of function.
          • Open

          New Feature - A new feature of the product, which has yet to be developed. CONJ-1193 Implement parsec authentication

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. CONJS-299 Parsec authentication implementation

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-34744 server cannot load client plugins on Debian

          • Critical - Crashes, loss of data, severe memory leak.
          • Open

          Task - A task that needs to be done. MDEV-34846 PARSEC authentication improvement

          • Major - Major loss of function.
          • Open

          Bug - A problem which impairs or prevents the functions of the product. MDEV-34933 The test plugins.rpl_auth uses not_msan.inc without a good reason

          • Major - Major loss of function.
          • Open

          New Feature - A new feature of the product, which has yet to be developed. MXS-5130 Support for PARSEC auth plugin from MDEV-32618

          • Major - Major loss of function.
          • Open

          New Feature - A new feature of the product, which has yet to be developed. MDEV-12320 configurable default authentication plugin for the server

          • Critical - Crashes, loss of data, severe memory leak.
          • Stalled
          links to

          Web Link Documentation

          Web Link OWASP Password Storage Cheat Sheet

          Activity

            People

              nikitamalyavin Nikita Malyavin
              serg Sergei Golubchik
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.