[db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods

Dear Denis,

Thank you for your explanation in detail about what happened in 2011.
It is indeed interesting to know.

-- 
Pierre Kim
pierre.kim.sec at gmail.com
@PierreKimSec
https://pierrekim.github.io/

On 5/5/15, denis walker <ripedenis at yahoo.co.uk> wrote:
> Hi Pierre
> I would like to just clarify a few points in your email.
> Firstly the article you referred to was published in November 2011. At that
> time your could query for a MNTNER object and the MD5 hash was returned.
> Although there was no file available on the FTP site with a list of all
> MNTNER objects, as you know it was possible to download all the other bulk
> object files and create a list of all referenced MNTNER objects. There was
> no limit on how many of these that could be queried so it was not difficult
> to get a list of all MD5 hashes.
>
> Two days later, in November 2011, another article was published outlining
> the process of hiding the MD5
> hasheshttps://labs.ripe.net/Members/denis/securing-md5-hashes-in-the-ripe-database
> This was accepted by the community and it was implemented in January
> 2012https://www.ripe.net/ripe/mail/archives/db-wg/2012-January/003856.html
>  Since then it has not been possible to query for a MNTNER and receive the
> MD5 hash.
> In this second article, and again in the announcement to the DB WG, it
> stated "The RIPE NCC will then contact all the maintainers of MNTNER objects
> containing passwords and ask them to change these for new, strong
> passwords." As far as I remember all MNTNER holders with MD5 passwords were
> contacted and advised to change them.
> cheersDenis WalkerIndependent Netizen
>
>
>       From: Pierre Kim <pierre.kim.sec at gmail.com>
>  To: db-wg at ripe.net
>  Sent: Monday, 4 May 2015, 22:12
>  Subject: [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe
> authentication methods
>
> Dear Database Working Group Members,
>
> I am contacting you to share the thoughts on the usage of MD5 in the
> RIPE database. I already discussed the problems concerning MD5
> authentication with RIPE NCC Security<security at ripe.net> on 2 Apr 2015
> and RIPE NCC Security officer encouraged me to contact your group to
> work together on this issue.
>
> In 2011, I had grabbed all the  MD5s of the RIPE  database before
> they  were taken out from the public view and I don't think I was the
> only security researcher who downloaded all the hashes.
>
> This john-compatible file (containing MNT logins and MD5 hashs) was
> never exposed to public but the  hashs  can  be  (VERY) easily
> cracked. From the discussion with RIPE Security (who received a copy
> of this file), 27.000 usable hashes (on a total of 36.000) appeared to
> be valid til now.
>
> By reading
> https://labs.ripe.net/Members/kranjbar/password-management-in-ripe-database
> , I see : "The MD5 hash is public, when running a single query (not
> for bulk queries)."
> I assume this was a known problem but the RIPE didn't alert that all
> the hashs have been retrieved, although there were some urgency to
> change the passwords or to use a safer authentication method.
>
> When I discussed it with RIPE NCC Security, I gave a 90 day disclosure
> policy about this "public" information, starting from the 16 Apr 2015.
> The 90 day period can be adjusted by adding more days at the end if
> RIPE shows a good progress of the migration. I wanted to do
> responsible disclosure when I saw the RIPE Responsible Disclosure
> Policy which is a Really Good Thing, I think.
>
> According to the RIPE transparency, as recommended by RIPE NCC
> Security, therefore I am now contacting this working group to work
> together because deprecation of MD5 is an important change in the RIPE
> database and it must be debated in a democratic manner.
>
> My analysis is simple: The MD5 authentication is broken for years and
> it's time to change to a more secure method. I think people needs to
> be encouraged to move to SSO authentication. Using MD5 now is unsafe
> and dangerous, especially with unchanged 4 year-old passwords.
>
> Please share your thoughts about this situation. I will be happy to
> debate with you.
>
>
> I want to thank Ivo Dijkhuis, RIPE NCC Information Security Officer,
> for the quality of the exchanges we had.
>
> Regards,
>
> --
> Pierre Kim
> pierre.kim.sec at gmail.com
> @PierreKimSec
> https://pierrekim.github.io/
>
>
>
>