Adding Support for Salted Password Databases to EAP-pwd
RFC 8146

Document Type RFC - Informational (April 2017; No errata)
Updates RFC 5931
Last updated 2017-04-21
Stream IETF
Stream WG state (None)
Document shepherd Stefan Winter
Shepherd write-up (last changed 2016-08-24)
IESG IESG state RFC 8146 (Informational)
Consensus Boilerplate Yes
Responsible AD Kathleen Moriarty
Send notices to "Stefan Winter" <stefan.winter@restena.lu>, dharkins@arubanetworks.com
IANA IANA review state Version Changed - Review Needed
IANA action state RFC-Ed-Ack
Internet Engineering Task Force (IETF)                        D. Harkins
Request for Comments: 8146                                 HP Enterprise
Updates: 5931                                                 April 2017
Category: Informational
ISSN: 2070-1721

        Adding Support for Salted Password Databases to EAP-pwd

Abstract

   EAP-pwd is an Extensible Authentication Protocol (EAP) method that
   utilizes a shared password for authentication using a technique that
   is resistant to dictionary attacks.  It includes support for raw keys
   and double hashing of a password in the style of Microsoft Challenge
   Handshake Authentication Protocol version 2 (MSCHAPv2), but it does
   not include support for salted passwords.  There are many existing
   databases of salted passwords, and it is desirable to allow their use
   with EAP-pwd.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are a candidate for any level of Internet
   Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc8146.

Harkins                       Informational                     [Page 1]
RFC 8146                     NaCled EAP-pwd                   April 2017

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction ....................................................3
      1.1. Background .................................................3
      1.2. Keyword Definition .........................................3
   2. Salted Passwords in EAP-pwd .....................................3
      2.1. Password Preprocessing .....................................3
      2.2. The Salting of a Password ..................................5
      2.3. Using UNIX crypt ...........................................5
      2.4. Using scrypt ...............................................6
      2.5. Using PBKDF2 ...............................................6
      2.6. Protocol Modifications .....................................7
      2.7. Payload Modifications ......................................8
   3. IANA Considerations .............................................8
   4. Security Considerations .........................................9
   5. References ......................................................9
      5.1. Normative References .......................................9
      5.2. Informative References ....................................10
   Acknowledgements ..................................................11
   Author's Address ..................................................11


1.  Introduction

1.1.  Background

   Databases of stored passwords present an attractive target for attack
   -- get access to the database, learn the passwords.  To confound such
   attacks, a random "salt" was hashed with the password and the
   resulting digest stored, along with the salt, instead of the raw
   password.  This has the effect of randomizing the password: even if
   two distinct users have chosen the same password, the stored, salted
   values will differ.  It also requires an adversary
   who has compromised the security of the stored database to launch a
   dictionary attack per entry to recover passwords.
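
   As an added illustration (not text or code from RFC 8146) of the
   salting described above: an unsalted digest beside the salted form,
   and, since the table of contents lists PBKDF2 as one preprocessing
   option, an iterated variant whose per-guess cost is the point.
   SHA-256, the 16-byte salt and the iteration count are assumptions.

```python
"""Added example, not RFC 8146 text: plain digest vs. salted digest vs.
PBKDF2.  Hash choices and work factor are assumptions, not RFC mandates."""
import hashlib
import hmac
import os
from typing import Callable, Optional, Tuple

ITERATIONS = 100_000  # assumed work factor for the PBKDF2 variant
Record = Tuple[bytes, bytes]  # (salt, digest)


def unsalted_record(password: str) -> bytes:
    """Store H(password) only: identical passwords yield identical records."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def salted_record(password: str, salt: Optional[bytes] = None) -> Record:
    """Store (salt, H(salt || password)) with a fresh random salt per entry."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.sha256(salt + password.encode("utf-8")).digest()
    return salt, digest


def pbkdf2_record(password: str, salt: Optional[bytes] = None) -> Record:
    """Store (salt, PBKDF2-HMAC-SHA256(password, salt, ITERATIONS)): each
    guess against a leaked entry now costs ITERATIONS hash computations."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def verify(password: str, record: Record, kdf: Callable[..., Record]) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt, stored = record
    _, candidate = kdf(password, salt)
    return hmac.compare_digest(candidate, stored)


def same_password_distinct_records(password: str) -> bool:
    """Two users choosing the same password get different stored values."""
    _, first = salted_record(password)
    _, second = salted_record(password)
    return first != second


if __name__ == "__main__":
    rec = pbkdf2_record("correct horse")
    print(verify("correct horse", rec, pbkdf2_record), verify("wrong", rec, pbkdf2_record))
```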

   Dictionary attacks, especially using custom hardware, represent real-
   world attacks and merely salting a password is insufficient to
   protect a password database.  To address these attacks, a sequential