Yaping's Weblog

September 2, 2008


Filed under: Oracle — Yaping @ 2:25 am

The main principles of password storage are:
1.       Enforcement of complex passwords
2.       Use of salted passwords
3.       A slow one-way algorithm

Complex passwords and a password lifetime should be enforced; both can be defined inside the database itself, through profiles and a password verify function. At the same time, a password manager such as password2000 makes it practical for users to keep long, unique passwords.
A salt makes precomputed (dictionary or rainbow-table) attacks impractical even when the salt is stored in clear text or is otherwise known, because the table has to be rebuilt for every salt value. For this to hold the salt must be random and unique per user.
A slow one-way algorithm deliberately makes each hash computation expensive, so every guess costs the attacker more time. Switching to a different algorithm part-way through the computation adds some obscurity but no measurable strength; the iteration count is the defence that can be quantified.
Suppose an attacker can compute 1 million hashes per second when the password is hashed in a single pass. If the intermediate value is re-hashed 100 times, the rate drops to 10 thousand per second: a password that took one day to crack now takes 100 days. With a 30-day password lifetime, the password is changed before the old one is recovered. This only helps, of course, if the password is strong enough that the base time is measured in days rather than seconds.

Oracle Password Mechanism (pre-11g):
1.       Concatenate the username and the password to produce a plaintext string;
2.       Convert the plaintext string to uppercase characters;
3.       Convert the plaintext string to multi-byte storage format; ASCII characters have the high byte set to 0x00;
4.       Encrypt the plaintext string (padded with 0x00 bytes if necessary to the next 8-byte block boundary) using the DES algorithm in cipher block chaining (CBC) mode with a zero IV and a fixed key value of 0x0123456789ABCDEF;
5.       Encrypt the plaintext string again with DES-CBC, but using the last block of the output of the previous step (ignoring parity bits) as the encryption key. The last block of this output is converted into a printable hex string to produce the password hash value.

Weak Salt Selection
Oracle password hashes use a non-conventional technique for salt selection: the username is prepended to the password before the hash is calculated, and that concatenated string is the only input to the hash.

Firstly, because only the concatenated string matters, two accounts whose username+password strings coincide get the same hash. SYS with password TEMP1 and SYSTEM with password P1 both hash "SYSTEMP1", as the session below shows. So it is quite possible to obtain information about one user's password based solely on its hash value and the known credentials of another user.

A second weakness is the use of non-random salt values. The username still reduces the effectiveness of a single precomputed dictionary attack against a large table of hashes, but an attacker can precompute a table of candidate passwords for a common username (e.g. SYSTEM or SYS) once and reuse it to recover that account's password on many different systems.

@>alter user system identified by p1;
User altered.
@>alter user sys identified by temp1;
User altered.
@>select username, password from dba_users where username like 'SYS%';
USERNAME                       PASSWORD
------------------------------ ------------------------------
SYS                            2E1168309B5B9B7A
SYSTEM                         2E1168309B5B9B7A

Lack of Case Preservation
Another weakness in the Oracle password hashing mechanism is the lack of alphabetic case preservation. Before the hash is calculated, the password is converted to all uppercase characters, regardless of the case the user typed.
This represents a significant weakness, as it shrinks the keyspace: an n-character alphanumeric password has 36^n possibilities instead of 62^n, so a brute-force or dictionary attack needs correspondingly fewer guesses. The session below shows that p1 and P1 produce the same hash.

@>alter user system identified by P1;
User altered.
@>select username, password from dba_users where username = 'SYSTEM';
USERNAME                       PASSWORD
------------------------------ ------------------------------
SYSTEM                         2E1168309B5B9B7A
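To make the five steps of the mechanism concrete, and to show the weak-salt and case-folding properties of the last two sections in one place, here is an added implementation in Go. It is example code written for this page, not code from the original post or from Oracle; it uses only the standard library's crypto/des. It reproduces the 2E1168309B5B9B7A value from the sessions above: SYS/temp1 and SYSTEM/p1 collide because both become "SYSTEMP1", and p1 and P1 are identical after upper-casing. Two points are assumptions of this example rather than statements from the post: the IV for both CBC passes is all zeros (the convention that produces the known Oracle hash values), and non-ASCII characters are rejected rather than guessing a multi-byte encoding.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"encoding/hex"
	"fmt"
	"strings"
)

// Fixed key for the first DES pass (step 4 of the mechanism above).
var oracleFixedKey = []byte{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF}

// desCBCLastBlock runs DES-CBC with a zero IV (assumption, see lead-in) over
// data, which must be a whole number of 8-byte blocks, and returns only the
// final ciphertext block: that is all Oracle keeps from each pass.
func desCBCLastBlock(key, data []byte) ([]byte, error) {
	block, err := des.NewCipher(key) // Go ignores DES key parity bits, as step 5 requires
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(data))
	cipher.NewCBCEncrypter(block, make([]byte, des.BlockSize)).CryptBlocks(out, data)
	return out[len(out)-des.BlockSize:], nil
}

// oracleLegacyHash computes the pre-11g PASSWORD column value for a user.
func oracleLegacyHash(username, password string) (string, error) {
	// Steps 1-2: concatenate, then upper-case. This is where the username
	// becomes the "salt" and where the case of the password is lost.
	plain := strings.ToUpper(username + password)

	// Step 3: two bytes per character, high byte 0x00. Only ASCII is handled
	// here (assumption); multibyte database character sets are out of scope.
	buf := make([]byte, 0, 2*len(plain)+des.BlockSize)
	for _, c := range plain {
		if c > 0x7F {
			return "", fmt.Errorf("non-ASCII character %q not handled by this example", c)
		}
		buf = append(buf, 0x00, byte(c))
	}

	// Step 4: zero-pad to an 8-byte boundary, then the first DES-CBC pass
	// under the fixed key.
	for len(buf)%des.BlockSize != 0 {
		buf = append(buf, 0x00)
	}
	secondKey, err := desCBCLastBlock(oracleFixedKey, buf)
	if err != nil {
		return "", err
	}

	// Step 5: second pass keyed with the last block of the first pass; the
	// last block of that output, as upper-case hex, is the stored hash.
	last, err := desCBCLastBlock(secondKey, buf)
	if err != nil {
		return "", err
	}
	return strings.ToUpper(hex.EncodeToString(last)), nil
}

// sameHash reports whether two (username, password) pairs collide, which is
// how both the weak-salt and the case-folding weaknesses show up.
func sameHash(u1, p1, u2, p2 string) (bool, error) {
	h1, err := oracleLegacyHash(u1, p1)
	if err != nil {
		return false, err
	}
	h2, err := oracleLegacyHash(u2, p2)
	if err != nil {
		return false, err
	}
	return h1 == h2, nil
}

func main() {
	// The first three pairs are the ones from the sessions above and all
	// produce 2E1168309B5B9B7A; SCOTT/TIGER is the well-known default account.
	for _, cred := range [][2]string{{"SYSTEM", "p1"}, {"SYS", "temp1"}, {"SYSTEM", "P1"}, {"SCOTT", "TIGER"}} {
		h, err := oracleLegacyHash(cred[0], cred[1])
		if err != nil {
			panic(err)
		}
		fmt.Printf("%-8s %-8s %s\n", cred[0], cred[1], h)
	}
	collide, _ := sameHash("SYS", "temp1", "SYSTEM", "p1")
	fmt.Println("SYS/temp1 collides with SYSTEM/p1:", collide)
}
```

Because the username is part of the hashed string rather than a separate random salt, a table precomputed for the username SYSTEM with this function is valid against every pre-11g database; that is the practical consequence of the weak-salt section.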

1.       Force complex passwords and a minimum length
Assign a password verify function to the profile (PASSWORD_VERIFY_FUNCTION). Oracle ships a sample in ?/rdbms/admin/utlpwdmg.sql.
The verify function must be a standalone function owned by SYS, but it may call other procedures, functions or packages internally.
Enclosing the password in double quotation marks allows special symbols, which enlarges the character set, but some logon tools have trouble with quoted passwords.

2.       Force a password lifetime
Set the PASSWORD_LIFE_TIME attribute of the profile (with PASSWORD_GRACE_TIME for a warning period). Once a password policy is in force, each password change is recorded in the user_history$ table, which is what PASSWORD_REUSE_TIME and PASSWORD_REUSE_MAX are checked against.

The DEFAULT profile no longer ships with PASSWORD_LIFE_TIME set to UNLIMITED in recent releases (11g uses 180 days). If your database was upgraded from an earlier release, its users sit on the DEFAULT profile and PASSWORD_LIFE_TIME is still UNLIMITED, so review it; conversely, once the new default applies, application accounts on DEFAULT start expiring, so keep an eye on it either way.

3.       Lock unused accounts and change default passwords

4.       Restrict access to password hashes and audit access to them

@>audit SELECT on dba_users;
Audit succeeded.

@>audit select on sys.user$;
audit select on sys.user$
ERROR at line 1:
ORA-00701: object necessary for warmstarting database cannot be altered

user$ is one of the bootstrap tables read when the database is warm-started, so Oracle refuses to audit it (ORA-00701). Auditing dba_users only covers the view: in these releases anyone holding SELECT ANY DICTIONARY or a direct grant on sys.user$ can read the hashes without touching dba_users, so restrict those privileges and review who holds them.

With the SQL*Plus password command the new password is encrypted before it is sent over the network.
With alter user XXX identified by ... the password travels in clear text as part of the SQL statement, and it can also end up in SQL trace files and client command history.

Changing password for TEST
Old password: ****
New password: ****
Retype new password: ****
Password changed

Changed in 11g

@>alter user system identified by p1;
User altered.
@>select USERNAME,PASSWORD from dba_users where USERNAME='SYSTEM';
USERNAME                       PASSWORD
------------------------------ ------------------------------
@>select NAME,PASSWORD,SPARE4 from user$ where NAME='SYSTEM';
NAME                 PASSWORD                       SPARE4
-------------------- ------------------------------ --------------------------------------------------------------------------------
SYSTEM               2E1168309B5B9B7A               S:8388CBF57687E6E8CF97BB672C2EDE394140FADE024E16329E8A2BF2E9BF

@>alter user system identified by p1;
User altered.
@>select NAME,PASSWORD,SPARE4 from user$ where NAME='SYSTEM';
NAME                 PASSWORD                       SPARE4
-------------------- ------------------------------ --------------------------------------------------------------------------------
SYSTEM               2E1168309B5B9B7A               S:09043B9ABFA366DF41DD16DE6768FDC04C57EF1374E0B04DAC8616716074

[oracle@chen ~]$ echo -ne "p1\x74\xE0\xB0\x4D\xAC\x86\x16\x71\x60\x74" | sha1sum
09043b9abfa366df41dd16de6768fdc04c57ef13  -

Enter value for parameter: case
old   6: ksppinm like lower('%&parameter%')
new   6: ksppinm like lower('%case%')
NAME                                     VALUE                                    DESCRIPTION
---------------------------------------- ---------------------------------------- ----------------------------------------
_case_sensitive_logon                    TRUE                                     case sensitive logon enabled
sec_case_sensitive_logon                 TRUE                                     case sensitive password enabled for logon

sys@DMS>alter user test identified by test;
sys@DMS>conn test/test
ORA-01017: invalid username/password; logon denied
Warning: You are no longer connected to ORACLE.

test@DMS>conn /as sysdba
sys@DMS>show sqlcase
sqlcase UPPER
sys@DMS>conn test/TEST
test@DMS>conn /as sysdba
sys@DMS>set sqlcase mixed
sys@DMS>alter user test identified by Test;
sys@DMS>conn test/TEST
ORA-01017: invalid username/password; logon denied
Warning: You are no longer connected to ORACLE.
sys@DMS>conn test/Test

You can see that the password hash no longer appears in dba_users. user$ holds two values: PASSWORD still contains the old DES-based hash, so the weaknesses above remain for as long as it is kept, and SPARE4 holds a new SHA-1 based value that changes every time the password is set, even when the same password is chosen again, because a fresh random salt is generated on each change. The initialisation parameter sec_case_sensitive_logon controls whether passwords are case-sensitive; it is TRUE by default in 11g, which is why test/test above fails after the password was stored as TEST.
The new algorithm is simple: Oracle generates a 10-byte salt, concatenates the password and the salt, and computes SHA-1 over the concatenation. The value stored in the spare4 column of sys.user$ is "S:" followed by the 40 hex digits of the SHA-1 and then the 20 hex digits of the salt, which is why the sha1sum command above reproduces the first 40 digits of SPARE4. Note that this is a single SHA-1 pass with no iteration, so it satisfies the salting principle from the start of this post but not the slow-hash one.
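The following Go code is an added example for this page, not code from the original post or from Oracle. It parses the SPARE4 layout described above, verifies the captured value for the password p1 (reproducing the sha1sum result), shows that the candidate P1 no longer matches now that case is preserved, and generates a fresh value with a random salt to illustrate why setting the same password twice yields two different SPARE4 strings. The use of crypto/rand for the salt and the constant-time comparison are choices of this example; the post only says that Oracle generates a 10-byte salt.

```go
package main

import (
	"crypto/rand"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"strings"
)

const saltLen = 10 // Oracle 11g appends a 10-byte salt to the password

// SPARE4 value captured in the session above after "alter user system identified by p1".
const pageSpare4 = "S:09043B9ABFA366DF41DD16DE6768FDC04C57EF1374E0B04DAC8616716074"

// parseSpare4 splits "S:" + 40 hex digits of SHA-1 + 20 hex digits of salt.
func parseSpare4(spare4 string) (digest, salt []byte, err error) {
	want := 2 + 2*sha1.Size + 2*saltLen
	if !strings.HasPrefix(spare4, "S:") || len(spare4) != want {
		return nil, nil, fmt.Errorf("unexpected SPARE4 layout: %q", spare4)
	}
	raw, err := hex.DecodeString(spare4[2:])
	if err != nil {
		return nil, nil, err
	}
	return raw[:sha1.Size], raw[sha1.Size:], nil
}

// hash11g is SHA-1(password || salt). The password keeps its case, unlike the
// pre-11g scheme, and there is no iteration, so each guess costs one SHA-1.
func hash11g(password string, salt []byte) []byte {
	h := sha1.New()
	h.Write([]byte(password))
	h.Write(salt)
	return h.Sum(nil)
}

// verify11g checks a candidate password against a stored SPARE4 value,
// comparing in constant time (a choice of this example).
func verify11g(password, spare4 string) (bool, error) {
	digest, salt, err := parseSpare4(spare4)
	if err != nil {
		return false, err
	}
	return subtle.ConstantTimeCompare(hash11g(password, salt), digest) == 1, nil
}

// newSpare4 builds a fresh value with a random salt (assumption: this example
// uses crypto/rand; the post only states that the salt is 10 bytes).
func newSpare4(password string) (string, error) {
	salt := make([]byte, saltLen)
	if _, err := rand.Read(salt); err != nil {
		return "", err
	}
	encoded := hex.EncodeToString(hash11g(password, salt)) + hex.EncodeToString(salt)
	return "S:" + strings.ToUpper(encoded), nil
}

func main() {
	for _, guess := range []string{"p1", "P1", "p2"} {
		ok, err := verify11g(guess, pageSpare4)
		if err != nil {
			panic(err)
		}
		fmt.Printf("%-3s matches captured SPARE4: %v\n", guess, ok)
	}
	// Two calls with the same password give two different strings.
	for i := 0; i < 2; i++ {
		s, err := newSpare4("p1")
		if err != nil {
			panic(err)
		}
		fmt.Println("fresh SPARE4 for p1:", s)
	}
}
```

Because the salt is stored in clear beside the digest, an attacker who has read user$ can still test guesses offline at roughly the speed of SHA-1; the salt only stops a single precomputed table from being reused across accounts and systems, which is exactly the improvement over the username-as-salt scheme.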
