19. Client-side password Encryption
State of affairs 2013 - blind trust
TLS/SSL, this is SAFE, oooohh!
Client
I use scrypt, I’m no fool
Server
zorg:~# a=`pidof mysql`
zorg:~# strace -p $a -e crypt -f
[pregnant silence]
[pid 9] crypt("patata","$7$21212104040SaLt.$")
33. Client-side password Encryption
TLS/SSL - but “trust in me...”
Client [Pub key]
hash=scrypt(pwd) is run on the client side
msg=PUBi(hash)
Server
only stores PUB0(hash)
Sibyl
[Priv, Pub] RSA pair
Login? Priv(PUB0(hash)) == Priv(PUBi(hash))
Only the Sibyl can answer this
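The exchange on slide 33, with all three parties, as an added example that is not code from the deck or from the Sibyl project. The function names, the per-user salt handling, the user name and the choice of RSA-2048 with OAEP (Node's default for publicEncrypt) are assumptions; the password is the one shown in the trace on slide 19.

```javascript
// Added example of the Sibyl flow; names, salt handling and key size are assumptions.
const { scryptSync, generateKeyPairSync, publicEncrypt, privateDecrypt,
        timingSafeEqual, randomBytes } = require('node:crypto');

// Sibyl: sole holder of Priv. It answers yes/no and never returns a decrypted hash.
function makeSibyl() {
  const { publicKey, privateKey } = generateKeyPairSync('rsa', { modulusLength: 2048 });
  return {
    publicKey,
    matches(stored, msg) {              // Priv(PUB0(hash)) == Priv(PUBi(hash)) ?
      try {
        const a = privateDecrypt(privateKey, stored);
        const b = privateDecrypt(privateKey, msg);
        return a.length === b.length && timingSafeEqual(a, b);
      } catch {
        return false;                   // undecryptable input counts as a failed login
      }
    },
  };
}

// Client: hash = scrypt(pwd), msg = PUBi(hash). OAEP is randomized, so two
// encryptions of the same hash give different ciphertexts.
function clientMessage(publicKey, password, salt) {
  return publicEncrypt(publicKey, scryptSync(password, salt, 32));
}

// Server: stores only the salt and PUB0(hash); it holds no key that can decrypt them.
function makeServer(sibyl) {
  const db = new Map();
  return {
    register(user, salt, pub0) { db.set(user, { salt, pub0 }); },
    record(user) { return db.get(user); },
    login(user, msg) {
      const rec = db.get(user);
      return Boolean(rec) && sibyl.matches(rec.pub0, msg);
    },
  };
}

// Constructed run: register once, then log in with the right and a wrong password.
function demo() {
  const sibyl = makeSibyl();
  const server = makeServer(sibyl);
  const salt = randomBytes(16);
  server.register('alice', salt, clientMessage(sibyl.publicKey, 'patata', salt));
  const { salt: s, pub0 } = server.record('alice');
  const good = clientMessage(sibyl.publicKey, 'patata', s);
  const bad = clientMessage(sibyl.publicKey, 'potato', s);
  return { good: server.login('alice', good), bad: server.login('alice', bad),
           sameCiphertext: good.equals(pub0) };
}
```

The server process only ever handles ciphertexts it cannot open, so a trace like the one on slide 19 would show no cleartext password there.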