[0.4.13] New login system

est31
Developer
 
Posts: 172
Joined: Mon Dec 29, 2014 01:49

[0.4.13] New login system

by est31 » Sat Aug 22, 2015 01:31

0.4.13 has got a more secure login system, utilizing the SRP protocol. You can still continue using your old passwords from <= 0.4.12, no change needed, but there are some issues it would be good to be aware of.

We had to use a new way of how the server stores the password. This means that if you set your password with 0.4.13, by either logging in the first time (creating the account), or by changing your password from the gui, you can't log in with a <= 0.4.12 client anymore. If you only use your password without changing it, such as only doing login, you can safely use 0.4.13 without losing the capability to log in with 0.4.12 and earlier.

FAQ
    1. What are the technical details? You can read them up in the wiki.
    2. Why do we need such a new way to store the password? The reason is better security of your password. During first login, the client has to send the database verifier, if its the 0.4.12 hash or the srp hash, to the server. Anybody who holds a <= 0.4.12 verifier for your password could log in to all servers where you use the same username and password, and a <= 0.4.12 verifier as well. This is at least the server owner, but could include everybody who can monitor or modify your internet. Somebody who knows the new verifier, can't do this, and only gets a way to brute force your password.
    3. How can I create an account or change my password, and still be abled to log in with 0.4.12 or earlier? Do the password change/account setup with a 0.4.12 client.
    4. I have such a new password value. How can I get an old one? You'll need help from a server admin. Both the /clearpassword and /setpassword make passwords compatible with 0.4.12. So you can ask them to reset your password with one of those commands, and then you should be abled to log in with 0.4.12 and change the password to your real password with the mask.
FAQ for modders and experienced server owners
    1. I have set up my own auth handler, and want to share logins with other services like IRC or a forum. How can I do this? SRP draws its strength from the server not getting the password in clear text, not even for a short time during login. For services like IRC, which are targeted at more experienced users, I'd suggest setting up auth tokens that are server generated, random, stored in clear, and readable by logged in users from ingame, e.g. via a chat command. This way the server never gets the actual password, only auth tokens that are guaranteed to be not shared between servers. Services for all experience levels will have to use the password, there is no better way. You'll need to find out how to do the SRP verifier generation in your specific programming environment, the wiki and SRP's wikipedia page can help. We (the devs) have intentionally not provided a lua call, to prevent abuse.
    2. I have set up my own auth handler, and want to share logins between multiple servers. Is this possible? Yes, logins between multiple minetest servers can still be shared, there is only a salt added, and no value that's different on another server.
    3. auth.txt has now such ugly long lines, I don't like them. Due to the assymetric cryptography done, SRP requires a bit longer verifiers than 160 bit, like for SHA-1 hashes. This can't be made shorter, e.g. by using elliptic curves. On stackexchange, Thomas Pornin gives a good explanation why elliptic curves can't be used.
 

Hybrid Dog
Member
 
Posts: 2477
Joined: Thu Nov 01, 2012 12:46

Re: [0.4.13] New login system

by Hybrid Dog » Fri Sep 11, 2015 12:49

est31 wrote:3. auth.txt has now such ugly long lines, I don't like them. Due to the assymetric cryptography done, SRP requires a bit longer verifiers than 160 bit, like for SHA-1 hashes. This can't be made shorter, e.g. by using elliptic curves. On stackexchange, Thomas Pornin gives a good explanation why elliptic curves can't be used.
[/list]

How about making it shorter with minetest.compress()?
 

User avatar
Ferk
Member
 
Posts: 330
Joined: Tue Aug 18, 2015 17:18
GitHub: Ferk

Re: [0.4.13] New login system

by Ferk » Fri Sep 11, 2015 14:07

Hybrid Dog wrote:How about making it shorter with minetest.compress()?

Maybe this is the wrong place to say it, but I've had bad experience with minetest.compress/decompress. At least in the current version I don't always get the same data when I compress it and decompress it back, specially if the data is big.

I think this is also the reason why saving/restoring mts files doesn't really work properly for big areas (it throws an error saying that the uncompressed size is incorrect or something like that).
{ ☠ Dungeontest ☠ , ᗧ••myarcade•• }
 

est31
Developer
 
Posts: 172
Joined: Mon Dec 29, 2014 01:49

Re: [0.4.13] New login system

by est31 » Sat Sep 12, 2015 05:57

Ferk, can you provide example data, and make a github issue for that?
 

User avatar
Ferk
Member
 
Posts: 330
Joined: Tue Aug 18, 2015 17:18
GitHub: Ferk

Re: [0.4.13] New login system

by Ferk » Sat Sep 12, 2015 09:58

@est31 Done. I did some testing and narrowed down the problem to the more specific case where it happens.
{ ☠ Dungeontest ☠ , ᗧ••myarcade•• }
 


Return to News



Who is online

Users browsing this forum: No registered users and 5 guests