This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
- Previous message (by thread): [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
- Next message (by thread): [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Tim Bruijnzeels
tim at ripe.net
Wed Jun 17 16:34:43 CEST 2015
Dear working group,

The RIPE NCC has been working together with the chairs on an initial implementation plan to deal with this issue. In a nutshell, we will encourage (and facilitate) users to update their old passwords or migrate to SSO or PGP starting 29 June, before removing these passwords altogether on 13 July.

Regardless of whether the password hashes will be disclosed after the 90-day disclosure period that was communicated to us earlier, we feel that we cannot postpone this given the public exposure this problem has recently had in this working group.

The working group is of course more than welcome to discuss further enhancements in addition to these measures, such as: changing the hashing algorithm, password ageing, or even deprecating passwords altogether. If and when consensus is reached on any of those issues, we can plan an implementation.

The plan in more detail:

1) Encourage users to update their passwords

a) Facilitate updating passwords

We will deploy a simple web form next week that allows a user to update an existing password simply by entering the maintainer, the old password, and the new password (twice to catch typos). While it is technically possible to achieve this using web updates today, it's sufficiently involved to discourage most users of the database.

b) Encourage users to use more secure authentication mechanisms

We have updated the documentation with recommendations on which authentication mechanism to use. In short, we encourage the use of SSO accounts for web updates, and PGP signing for sync and mail updates:

https://www.ripe.net/manage-ips-and-asns/db/support/security/protecting-data

c) Alert active maintainers

On Monday 29 June we will send out warning emails to active maintainers (used to create or update objects during the last 12 months) that have old, pre-November 2011, passwords. We will explain the situation and encourage these maintainers to update their passwords using the tool above, or start using PGP or SSO instead as described in the documentation.

d) Alert other users

We will also send out a general announcement about this issue.

2) Remove old passwords

We will remove ALL old passwords on Monday 13 July. Note that we do not plan to contact inactive maintainers individually beforehand, or send notifications about this change. Instead we will include a remark in these maintainers explaining why they were locked and refer to the "forgot mntner password process":

https://apps.db.ripe.net/change-auth

The reason for this is simple. We are simply not able to handle the additional load of supporting password resets for 20,000 inactive maintainers. We can and will, however, deal with access recovery requests for these maintainers as needed.

Kind regards,

Tim Bruijnzeels
Assistant Manager Software Engineering
RIPE NCC

> On 16 Jun 2015, at 22:46, Pierre Kim <pierre.kim.sec at gmail.com> wrote:
>
> Dear Database Working Group Members,
>
> Shane, Chris, Daniel - thanks for your proposals.
> As for my understanding on the proposals, it is technically possible
> to force users to change their passwords or to encourage them using a
> stronger authentication method. Also, there seems to be a resistance
> on migrating the hashing algorithm.
>
> On the other hand, I am concerned MD5 hashes are prone to collision
> attacks from a security perspective. MD5 is obsolete now. It is
> rather recommended to use another cryptography hashing algorithm to
> encrypt passwords.
>
> Now, as Shane stated in his interesting post, long transition times
> don't really make much difference and the situation can be fixed with
> a workaround by advocating XX days to fix the credentials by showing a
> warning in whois output. But this doesn't affect the hashing algorithm
> which is prone to collision attacks.
>
> What are members' views on this?
>
> Regards,
>
> On 5/21/15, Daniel Suchy <danny at danysek.cz> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>>
>> On 20.5.2015 20:29, Christiaan Ottow wrote:
>>> I agree, but does somebody see what impact it has to lock the
>>> maintainers that don’t update their passwords? How do we get them
>>> out of the locked state again?
>>
>> There's a procedure for lost MNTNER password recovery, I think this is
>> enough even for these cases... :-)
>>
>> https://apps.db.ripe.net/change-auth/#/
>>
>> - -Daniel
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v2
>>
>> iQIcBAEBCAAGBQJVXPDBAAoJEKa4QYLLxXGSzxkP/25McuP6Wr3v65m9JgZ/1doc
>> 6QmJixoDNC58vUNKLscFL0/6lpzLWgpjbbzx/4ZzQ9u9yKFifS437Dg9cSapIapQ
>> lU2ZCxW7K0w3LZBHjwISHfCt4ru4W0x+IKxN03iOqA5dLRQFGtG1DsIAhr1Axl5x
>> ViAs985GqMXBPC06mHfAhD+pjmht3bnGKMUsU6qcQ4cRyuId/QOCFF4tsjSqoFT3
>> dJsMqc4SCg2Whu1d0oU70cS2k8s5aVL2MTmHYTtMxFZC1lN7zlo0N85pCPFict0K
>> mOwCwSsQq1RSqNSmwXrBnbvEkik4jxEkhd7uhzqKFXe/EI5h5K3s7I7KDO2T+Y99
>> SFoa5jZkqYw0dsKjYLduO9MlCZyzhFA9CHEcYVpojVpPZpj5RQ48bFmsLBo56wNO
>> Yn0gPmcPbreXfphY4gfrl0MihRHPI9Dwm3Z2jtFh0F3i/GjrML2Q3qvYnXyTxfJw
>> ViwOVldN5MxtgnEdh08jVjBHb7LIIXPtrRakc7P4Yaxq3zEkXWTx/IOdtEXpUCqX
>> tDieNhsGu0L7gTtEOW9P6XB8pxtp4ZX0zcm8N4zqFN2MMjjo1wK91v3tKJUVtNSn
>> Xzp72Ii3qT+kmj/EiU+TxsjkPvLyVZU6sOMD+3+s3dcjK/9VNheI/wKmQd5pxHCL
>> oMYcxbqPJCG+ukyD9Iy4
>> =MoPX
>> -----END PGP SIGNATURE-----
>>
>>
>
>
> --
> Pierre Kim
> pierre.kim.sec at gmail.com
> @PierreKimSec
> https://pierrekim.github.io/
>
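One check a maintainer could run over its own objects before the 13 July removal: the following Python script, added here as an example and not part of the original thread or of any RIPE NCC tooling, parses RPSL mntner objects and flags those whose only auth: method is MD5-PW, i.e. the ones that will be locked once the passwords are removed. The auth: scheme names (MD5-PW with an MD5-crypt value, PGPKEY-<keyid>, SSO <email>, and the "MD5-PW # Filtered" form shown in public whois output) are the RIPE Database's own; the objects, salts, key IDs and hash values below are constructed for this example.

```python
import re

# Constructed sample input (not taken from the RIPE Database): four mntner
# objects in RPSL form. Scheme names are real; every value is made up.
SAMPLE_MNTNERS = """\
mntner:         EXAMPLE-MNT
descr:          Password plus PGP key,
                continued on a second line
auth:           MD5-PW $1$SaltSalt$MadeUpHashValueForTest
auth:           PGPKEY-ABCDEF12
mnt-by:         EXAMPLE-MNT
source:         RIPE

mntner:         LEGACY-MNT
descr:          Only a password, nothing else
auth:           MD5-PW $1$OldSalt1$AnotherMadeUpHashValue
mnt-by:         LEGACY-MNT
source:         RIPE

mntner:         SSO-MNT
descr:          Web updates via a RIPE NCC Access (SSO) account
auth:           SSO user@example.net
mnt-by:         SSO-MNT
source:         RIPE

mntner:         FILTERED-MNT
descr:          As seen in public whois output: hash value filtered out
auth:           MD5-PW # Filtered
auth:           PGPKEY-12345678
mnt-by:         FILTERED-MNT
source:         RIPE
"""

# MD5-crypt: "$1$" + salt (up to 8 chars) + "$" + 22-char base64 digest.
MD5_PW = re.compile(r"^MD5-PW\s+\$1\$[./0-9A-Za-z]{1,8}\$[./0-9A-Za-z]{22}$")
MD5_PW_FILTERED = re.compile(r"^MD5-PW\s*#\s*Filtered$", re.IGNORECASE)
PGP = re.compile(r"^PGPKEY-[0-9A-Fa-f]{8}$")
SSO = re.compile(r"^SSO\s+\S+@\S+$")


def parse_rpsl(text):
    """Split RPSL text into objects, each a list of (attribute, value) pairs.
    Objects are separated by blank lines; a line starting with whitespace or
    '+' continues the previous attribute's value."""
    objects, current = [], []
    for line in text.splitlines():
        if not line.strip():
            if current:
                objects.append(current)
                current = []
        elif line[0] in " \t+":
            if current:
                attr, val = current[-1]
                current[-1] = (attr, (val + " " + line.lstrip(" \t+")).strip())
        else:
            attr, _, val = line.partition(":")
            current.append((attr.strip().lower(), val.strip()))
    if current:
        objects.append(current)
    return objects


def classify_auth(value):
    """Map one auth: value to 'md5', 'pgp', 'sso' or 'unknown'.
    A filtered MD5-PW line still means a password is configured."""
    if MD5_PW.match(value) or MD5_PW_FILTERED.match(value):
        return "md5"
    if PGP.match(value):
        return "pgp"
    if SSO.match(value):
        return "sso"
    return "unknown"


def audit_mntners(text):
    """Return {mntner name: counts per scheme plus 'password_only'} for every
    mntner object in the text. 'password_only' is True when MD5-PW is the
    sole auth method, so removing the password locks the object."""
    report = {}
    for obj in parse_rpsl(text):
        name = next((v for a, v in obj if a == "mntner"), None)
        if name is None:
            continue
        counts = {"md5": 0, "pgp": 0, "sso": 0, "unknown": 0}
        for attr, value in obj:
            if attr == "auth":
                counts[classify_auth(value)] += 1
        counts["password_only"] = counts["md5"] > 0 and counts["pgp"] + counts["sso"] == 0
        report[name] = counts
    return report


if __name__ == "__main__":
    for name, c in audit_mntners(SAMPLE_MNTNERS).items():
        flag = "LOCKED when MD5-PW is removed" if c["password_only"] else "ok"
        print(f"{name:14s} md5={c['md5']} pgp={c['pgp']} sso={c['sso']}  {flag}")
```

Feed it the output of a whois query for your own maintainers (or a full-text export). One caveat: the object itself does not record when a password was set, so the script cannot separate the pre-November 2011 passwords Tim refers to from newer ones; it can only tell you which objects have no PGP or SSO fallback at all, which is the set worth fixing first.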