Thanks James, Eugene. Just to be clear again: I consider 128-bit AES secure enough for my address list. (c: But my question was targeted to find the weakest link in a chain, and that is not the 128-bit AES: since I (and many others) often use the Keychain application to store the password, access to the disk image is only as secure as access to the Keychain application. Now, access to the Keychain application is in most cases (using the default keychain) controlled by your login password. So that's when I started wondering about the security of my password, because that is literally the key to my disk images!

Somebody trying to break into encrypted data won't start at the most difficult place like the 128-bit AES encryption but where he considers the weakest place. Often that is the password itself, which for me hopefully isn't the case. And I wondered if the next-weakest place might be the storage of the login password. To use an analogy: my data are stored in Fort Knox. And that's as safe as can be. But then the key to Fort Knox might be left under the doormat.

James, since I'm thinking of security even when somebody has full hardware access, the fact that "no one but root has access to the shadowhash files" does not help, right?

Eugene, thanks for pointing out that OS X uses TripleDES for password storage. So that makes for an effective key length of 112 bit. So with a rough estimate there are actually 2^26 fewer combinations to crack to access my disk images than one would think
- if the attacker cracked my login password instead of the disk image's password, and
- if the password is stored in the Keychain app with the default keychain, i.e. the one using my login password.

Of course I can get the full 128-bit AES security if I dismiss either "if", i.e. either not put my password in the Keychain or set up a separate Keychain that does not use the login password. Anyway, TripleDES is still pretty secure.
Plus, I really don't see anybody taking up that effort for my data anyway. (c: I'm just glad it isn't crypt, which is considered pretty insecure, and even standard DES keys can be broken in "reasonable" time frames, i.e. days or weeks.

Eugene, how could I have found out myself what algorithm OS X uses for the passwords? I googled up and down and found nothing. Even now that I also have the TripleDES password I still don't find a nice Apple or Darwin or man page or any other "official source" that puts it in one line: "OS X uses TripleDES to protect passwords."

Thanks,
Bjorn

_______________________________________________
X-Unix mailing list
X-Unix at listserver.themacintoshguy.com
http://listserver.themacintoshguy.com/mailman/listinfo/x-unix