mistotebe
commented
9 months ago PRs should be targeting master, please adjust.
Closed GuidoKiener closed 9 months ago
mistotebe
commented
9 months ago PRs should be targeting master, please adjust.
GuidoKiener
commented
9 months ago PRs should be targeting master, please adjust.
Thanks. It's now reopened in #815.
Using mechanism SCRAM, a client does not abort authentication when the given iteration counter is lower than 4096.
A hostile server can send a small iteration counter (e.g. 1) and forces the client to send a ClientProof that is calculated with lowest computation time. Thus the hostile server can recover the client's password faster with an offline dictionary or brute-force attack.
This fix compares the iteration counter with the recommended minimum of 4096 and aborts the authentication if the server violates the recommended minimum.