gridcoin-community / Gridcoin-Tasks

Gridcoin community tasks repository
https://gridcoin.us
MIT License

Upgrade BOINC password hashing mechanism from [md5+salt] -> Bcrypt/Argon2i/Other #81

Closed skcin closed 4 years ago

skcin commented 6 years ago

Issue by grctest Thursday Feb 02, 2017 at 12:27 GMT Originally opened as https://github.com/Erkan-Yilmaz/Gridcoin-tasks/issues/78


The current BOINC password hashing mechanism is quite insecure; migrating BOINC to a far more secure password hashing mechanism (such as Bcrypt/Argon2i/Other) is a good idea in the (hopefully near) future.

The change may require a mandatory upgrade of BOINC clients (which may be a nightmare for the BOINC community, as many do not upgrade their BOINC clients).

Perhaps a foundation-funded bounty would help get this improvement implemented sooner?

https://github.com/BOINC/boinc/issues/1644#issuecomment-272883362

https://github.com/grctest/project-rain-site/issues/9

Argon2i would require an upgrade of PHP from 5.x to 7.x https://github.com/grctest/project-rain-site/issues/10

skcin commented 6 years ago

Comment by grctest Thursday Apr 06, 2017 at 00:35 GMT


Tried to get IBM's cybersecurity division aware of this issue, no response yet.

https://twitter.com/customminer/status/848514937001529351

skcin commented 6 years ago

Comment by grctest Wednesday Apr 12, 2017 at 10:51 GMT


In the meantime, a new project could completely block the use of username+password in favour of using OAuth, since it's somewhat supported by the BOINC web server, and instruct users to add hosts to their account via their weak auth key.

Advantages:

Disadvantages:

skcin commented 6 years ago

Comment by tomasbrod Wednesday Apr 12, 2017 at 16:03 GMT


I support this! Anything is better than MD5. Switching to BCrypt can even be done without a mandatory update. Tell me if I should elaborate.

When BOINC account security changes in a way that requires a mandatory upgrade, then definitely Secure Remote Password or equivalent should be considered. It provides strong security even with weak and reused passwords. You could safely use the same password with multiple projects. http://srp.stanford.edu/ (the JavaScript demo is outdated, better impl exists)

skcin commented 6 years ago

Comment by grctest Wednesday Apr 12, 2017 at 16:41 GMT


> Tell me if I should elaborate.

Please, go ahead. The migration involves ~4 million accounts; it's a pretty daunting task.

skcin commented 6 years ago

Comment by tomasbrod Friday Apr 14, 2017 at 12:10 GMT


Well, you let the users log in using the old method but continuously nag them to change their password. Once they do, the new password is encrypted in the new format and no logins from old clients are allowed. Maybe add a checkbox that says "do you agree... update boinc required..." to be nice. The database just needs an extra column to accommodate the new password format. Even SRP could be implemented this way. SRP in the BOINC client requires OpenSSL. SRP for web login requires a JavaScript library OR BOINC manager to provide an authentication token.

Edit: https://github.com/RuslanZavacky/srp-6a-demo Also: http://dev.minetest.net/Network_Protocol#Authentication
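
The staged migration described in the comment above, sketched as an added example that is not part of the original thread and is not BOINC code. Assumptions: the table and column names, the per-user salt, the legacy format modelled as MD5 over password + salt (per the issue title), and stdlib scrypt standing in for bcrypt/Argon2i.

```python
import hashlib, hmac, os, sqlite3

db = sqlite3.connect(":memory:")
# Hypothetical table: passwd_hash is the legacy column, passwd_hash_v2 the extra one.
db.execute("CREATE TABLE user (email TEXT PRIMARY KEY, salt TEXT,"
           " passwd_hash TEXT, passwd_hash_v2 TEXT)")

def legacy_hash(password, salt):
    # Assumed legacy format, per the issue title: MD5 over password + salt.
    return hashlib.md5((password + salt).encode()).hexdigest()

def new_hash(password, salt=None):
    # scrypt (stdlib) stands in for bcrypt/Argon2i; stored as scrypt$salt$digest.
    salt = salt or os.urandom(16)
    dk = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1)
    return "scrypt$%s$%s" % (salt.hex(), dk.hex())

def add_legacy_user(email, password, salt):
    db.execute("INSERT INTO user VALUES (?, ?, ?, NULL)",
               (email, salt, legacy_hash(password, salt)))

def login(email, password):
    """Return (ok, nag). nag is True when the account still uses the old hash."""
    row = db.execute("SELECT salt, passwd_hash, passwd_hash_v2 FROM user"
                     " WHERE email = ?", (email,)).fetchone()
    if row is None:
        return (False, False)
    salt, old, new = row
    if new is not None:  # migrated: only the new format is accepted
        v2_salt = bytes.fromhex(new.split("$")[1])
        return (hmac.compare_digest(new_hash(password, v2_salt), new), False)
    ok = old is not None and hmac.compare_digest(legacy_hash(password, salt), old)
    return (ok, ok)

def change_password(email, current, new_password):
    ok, _ = login(email, current)
    if ok:  # write the new column and clear the legacy one in one statement
        db.execute("UPDATE user SET passwd_hash = NULL, passwd_hash_v2 = ?"
                   " WHERE email = ?", (new_hash(new_password), email))
    return ok

if __name__ == "__main__":
    add_legacy_user("alice@example.org", "hunter2", "s4lt")  # constructed account
    print(login("alice@example.org", "hunter2"))             # legacy login, nag
    change_password("alice@example.org", "hunter2", "correct horse battery")
    print(login("alice@example.org", "hunter2"))             # old password rejected
    print(login("alice@example.org", "correct horse battery"))
```

Clearing the legacy column in the same statement that writes the new one is what removes the MD5 hash from the database for that account; until a user changes their password, their MD5 hash remains stored.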