Subj : FTS-1027 (BinkP 1.0 CRAM)
To   : Rob Swindell
From : Alexey Vissarionov
Date : Thu Mar 08 2018 09:09 am

Good ${greeting_time}, Rob!

07 Mar 2018 18:52:54, you wrote to All:

RS> In the development of a new binkp implementation
RS> (http://wiki.synchro.net/module:binkit), *we* came across a
RS> deficiency in the FTSC document: FTS-1027.
RS> Regarding this text:
RS> 1.3 Generating and Transmitting Challenge Data
RS> Size and contents of challenge data are implementation-dependent, but
RS> it SHOULD be no smaller than 8 bytes and no bigger than 64 bytes

64 to 512 bits... that resembles one pretty good cryptographic transform.

RS> Let it be known that the reference binkp implementation, binkd, has
RS> (apparently) only ever sent a 16 byte CRAM challenge (no more, no
RS> less)

IIRC, that's some random data whitened by MD5 hash function. Now MD5 is proven
to be unsafe(*), so the implementations should replace it with not-yet-broken
crypto-safe functions like SHA2 or Skein.

RS> and some implementations (e.g. Internet Rex) only work (succesfully
RS> authenticate) if the received challenge is exactly 16 bytes (no more,
RS> no less).

That's a bug. Have you reported it to the developers of those mailers?

RS> There's no mention of a 16 byte CRAM challenge (32 hex characters)
RS> in the specification, but 16 bytes appears to be exactly what all
RS> existing implementations actually send

8 < 16 < 64

RS> and probably all any implementation should *ever* send if they wish
RS> to be compatible will all known existing implementations.

What if they wish to be compatible with the published standard based on very
popular reference implementation?

RS> I just felt this should be documented, if it isn't already, by the
RS> FTSC.

Over 80% of all IBN-capable systems use binkd, so its' behavior still is the
current practice, which is exactly documented by FTSC.


(*)
Look at these two images: http://pics.rsh.ru/img/md5_collision_image2_26j2eiqr.jpg
http://pics.rsh.ru/img/md5_collision_image1_5l7k706x.jpg

Now download them and compare their sizes and MD5 sums :-)


--
Alexey V. Vissarionov aka Gremlin from Kremlin
gremlin.ru!gremlin; +vii-cmiii-cmlxxvii-mmxlviii

... god@universe:~ # cvs up && make world
--- /bin/vi
* Origin: http://openwall.com/Owl (2:5020/545)

You are viewing proxied material from cvs.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.