TIP: Click on subject to list as thread! ANSI
echo: ftsc_public
to: ROB SWINDELL
from: ALEXEY VISSARIONOV
date: 2018-03-08 09:06:00
subject: FTS-1027 (BinkP 1.0 CRAM)
Good ${greeting_time}, Rob!

07 Mar 2018 18:52:54, you wrote to All:

 RS> In the development of a new binkp implementation
 RS> (http://wiki.synchro.net/module:binkit), *we* came across a
 RS> deficiency in the FTSC document: FTS-1027.
 RS> Regarding this text:
 RS> 1.3 Generating and Transmitting Challenge Data
 RS> Size and contents of challenge data are implementation-dependent, but
 RS> it SHOULD be no smaller than 8 bytes and no bigger than 64 bytes

64 to 512 bits... that resembles one pretty good cryptographic transform.

 RS> Let it be known that the reference binkp implementation, binkd, has
 RS> (apparently) only ever sent a 16 byte CRAM challenge (no more, no
 RS> less)

IIRC, that's some random data whitened by MD5 hash function. Now MD5 is proven
to be unsafe(*), so the implementations should replace it with not-yet-broken
crypto-safe functions like SHA2 or Skein.

 RS> and some implementations (e.g. Internet Rex) only work (succesfully
 RS> authenticate) if the received challenge is exactly 16 bytes (no more,
 RS> no less).

That's a bug. Have you reported it to the developers of those mailers?

 RS> There's no mention of a 16 byte CRAM challenge (32 hex characters)
 RS> in the specification, but 16 bytes appears to be exactly what all
 RS> existing implementations actually send

8 < 16 < 64

 RS> and probably all any implementation should *ever* send if they wish
 RS> to be compatible will all known existing implementations.

What if they wish to be compatible with the published standard based on very
popular reference implementation?

 RS> I just felt this should be documented, if it isn't already, by the
 RS> FTSC.

Over 80% of all IBN-capable systems use binkd, so its' behavior still is the
current practice, which is exactly documented by FTSC.


(*)
Look at these two images:
http://pics.rsh.ru/img/md5_collision_image2_26j2eiqr.jpg
http://pics.rsh.ru/img/md5_collision_image1_5l7k706x.jpg

Now download them and compare their sizes and MD5 sums :-)


--
Alexey V. Vissarionov aka Gremlin from Kremlin
gremlin.ru!gremlin; +vii-cmiii-cmlxxvii-mmxlviii

... god@universe:~ # cvs up && make world
--- /bin/vi
* Origin: http://openwall.com/Owl (2:5020/545)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.