Details
-
Type:
Story
-
Status:
Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 6.2.0 CE M5
-
Fix Version/s: 6.2.0 CE M5
-
Component/s: Security
-
Labels:None
-
Epic/Theme:
-
Similar Issues:
Description
Portal default configuration use SHA-1 to protect passwords stored in the DB. This configuration is insecure.
Secure password storage should:
1, salt passwords
2, use a compute intensive algorithm
For more info on the topic please see https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet.
Goals of the story
1, Change default configuration to a safe one
2, Deprecate weak algorithms
3, Provide support for PBKDF2 algorithm
4, Provide support for changing 'work load' factor for the compute intensive algorithms
5, Provide a migration path for existing deployments
Overview
The current most widely used compute intensive algorithms are BCrypt, PBKDF2 and SCrypt. Alghough SCrypt seems to be the most safe one (employs both space and time complexity), it's not yet proven to be.
The supported algorithms are
- BCrypt
- PBKDF2, which is the default one, because it's more sensitive to performance tuning.
The upgrade process takes into account existing configuration, the new stronger encrypted password is saved into DB only when an user changes the password.
When migrating an old database into 6.2 release:
- presuming oldAlgorithm to be the one used in the old database (SHA by default)
- set: passwords.encryption.algorithm=oldAlgorithm, to keep using the old algorithm for new password hashes
- set: passwords.encryption.algorithm.legacy=oldAlgorithm, to use the new strong algorithm for new hashes
Notes
Performance tuning
Compute intensive algorithms slow down all processes that use password encryption.
These processes are:
1, Login process
2, Change password
3, Import of users from LDAP
To tune the performance, it's recommended to adjust 'work load' factor of the algorithms. This can be done using a configuration of "rounds" taken to encrypt the password:
1, For BCrypt use BCrypt/rounds, e.g. BCrypt/12
2, For PBKDF2 use PBKDF2WithHmacSHA1/key-size/rounds or simply PBKDF2WithHmacSHA1/rounds, e.g. PBKDF2WithHmacSHA1/96000
Hint for adjusting the right value: http://security.stackexchange.com/questions/3959/recommended-of-iterations-when-using-pkbdf2-sha256/3993#3993
Note on possibility of DDoS attack
Compute intesive login process is a good entry point for DDoS attack.
Deployments with a high risk of the attack should customize the default implementation to:
- decentralize the encryption process using more HW
- implement security controls to avoid overloading of the process
Local salt (also known as a pepper) password enhancement
Implementation of the local salt is not part of this story.
Customers interested in increasing security level may customize the default implementation.
Issue Links
- causes
-
LPS-34337
Remember me doesn't work when using passwords.encryption.algorithm with salt
-
-
LPS-34996
Login fails after upgrade to 6.2
-
- is related to
-
LPS-28024
Provide a way to migrate to a different password encryption
-
- relates
-
LPS-33819
As a Portal Administrator, I would like to upgrade existing passwords to use strong encryption
-
FAILED Manual Testing using the following steps:
1. Start up the 6.1.1 CE GA2 bundle.
2. Go to > Control Panel > Server Administration
3. Go to the Properties tab.
4. Search for passwords.encryption*. Check the Value field. It should be a PBKDF2 with a hash
5. Search for company.encryption*. Check the Value field. It should be DEB.
6. Upgrade to 6.2.
– Make sure that the portal-ext.properties has the proper upgrade paths.
– Make sure that the portal-ext.properties has the proper passwords.encryption.algorithm paths are correct.
7. Verify that the upgrade process did not break, especially any database related errors.
8. Sign In.
9. Search for passwords.encryption*. Check the Value field. It should be a PBKDF2 with a hash
10. Search for company.encryption*. Check the Value field. It should be AES.
11. In the portal.properties file, the older algorithms should have been commented out or possibly removed. The default key size is 128. Try 256. If that is too strong, then revert back to 128.
Case 1: "Impersonate"
1. While still running the 6.1.1 bundle, create a user called test1.
2. As the portal administrator, impersonate test1.
3. Sign out of both test and test1.
4. Upgrade to 6.2.
5. Sign in as test and impersonate test1 again.
6. Sign out and then sign in as test1.
Case 2: "Remember Me"
Need to update documentation and warn ppl that if they are upgrading, the remember me feature will break and ppl will have to relogin
(1) Start 6.1, login with "Remember Me" function turned on. Close browser
(2) Upgrade to 6.2, attempt to hit site with browser to see if you are auto logged in. You should not.
(3) Check the Remember Me feature again. Close Browser. Open new browser window and you should be logged back in automatically.
Reproduced on:
Tomcat 7 + MySQL 5. Portal 6.2 CE M4.
Failed on:
Tomcat 7 + MySQL 5. Portal 6.2.x GIT ID: f1e2ff3137685b7dd29f029b537fb8917cbd4086.