Jump to content
SSForum.net is back!

ASSS ChatNet update

X-Demo

By X-Demo
in Development

 Share

Recommended Posts

Cheese Veteran

Cheese

Posted
Posted

plus, if the biller isnt exposed to anyone, and the only things that can interface with it are zones, theres essentially no risk, as a compromised zone doesnt have enough information to crack anything


and what im envisioning is a pure distributed system where any zone could be attached to any biller, and your suggestion directly translates into any number of key servers attached to every biller


and then you get the problem of potentially malicious rogue key servers

SSC Distension Owner
SSCU Trench Wars Developer

3:JabJabJab> sometimes i feel like when im in this mood im like a productive form of Cheese
Dr Brain> Pretty much everything you said was wrong. Except where you called me a lazy jerk with no time. That was true.
3:KrynetiX> do you ever open your web browser and type ?go google
5:Ceiu> Wow. My colon decided that was a good time to evacuate itself.

JoWie Experienced

JoWie

Posted
Posted

That's the easy part. Signups and password changes are only allowed through the (hypothetical, remember) online interface. No zone involvement at all, so no trust issues. Doesn't have to be connected directly to the biller (or even be hosted on the same box), but it would need database access.

 

But this online interface would need some encryption as well, otherwise your password would fly in raw form over the network.

This would require asymetric encryption, very likely in the form of https (TLS).

Now if you have https, why not implement every part using https. All you need to do is distribute Certificate Authority keys with the client (which you do not need to change if a new biller is added with different keys), or use the ones that come with the operating system.

 

This would also take care of the database leak issue, the client connects to the biller on his own.

If you use a very strong method of storing password in the database like scrypt (a very interesting one, it is much harder to parallelize), even if you leak the database you would not be able to login as any player (provided they had chosen a strong password) with a modified client.

 

This is my reasoning for preferring a system that is similar to openid.

Dr Brain Grand Master

Dr Brain

Posted
Posted

Obviously the website would use HTTPS, but it's far easier to create a website than it to use TLS and some zone tunneling system to get the biller and client to talk directly. Plus you have to figure out how to get the info to the zone, which is an extra complication. There's also the question of what >5000 open TLS sockets will do to a billing server. I shudder to think.

 

It could be made to work, of course, but the scheme I proposed has the advantages of being (relatively) simple, not requiring public key distribution, and working with UDP based protocols like SS currently enjoys.

Freedom is the right to be wrong.
JoWie Experienced

JoWie

Posted
Posted

What I envision is that the auth service is _only_ a website. Everything is https, all connections are short lived. Points, chat, banning, whatever is not part of this auth service. This scales out (instead of up) very easily

Setting up such a service is probably a days work.

 

Note that I am ignoring any existing architecture in these ideas. This is mainly because I do not believe in a drop-in replacement (like mysql & mariadb) for continuum (or at least, not worth the effort required)

  • 2 weeks later...
JoWie Experienced

JoWie

Posted
Posted (edited)

Hi,

 

I was just cruising by and thought have you looked at Blowfish as an encryption method for passwords?

 

- Rich -

 

Do you mean bcrypt? Yea i've seen it, I have actually mentioned one that is very similar in this thread, scrypt.

Scrypt has an advantage over bcrypt, you can also vary the memory that is needed to take a guess. This makes it much harder to parallelize.

The downside of scrypt is that it has been researched a lot less. bcrypt has been around for a while. There is a bitcoin alternative that uses scrypt though.

Edited by JoWie
Cheese Veteran

Cheese

Posted
Posted

agreed

SSC Distension Owner
SSCU Trench Wars Developer

3:JabJabJab> sometimes i feel like when im in this mood im like a productive form of Cheese
Dr Brain> Pretty much everything you said was wrong. Except where you called me a lazy jerk with no time. That was true.
3:KrynetiX> do you ever open your web browser and type ?go google
5:Ceiu> Wow. My colon decided that was a good time to evacuate itself.

JoWie Experienced

JoWie

Posted
Posted (edited)

 

This one is interesting: http://srp.stanford.edu/design.html

It does not require storing plain text in the database. And all you need is a hash function and a secure random number generator.

 

C lib: http://code.google.com/p/csrp/

 

In my opinion having to store passwords in cleartext on the client side (or not storing passwords at all) is unacceptable.

 

 

p could be another hash. Just like the method you posted earlier. The database would then need to store xplain and vplain and xhashed and vhashed Web interface would use the first two, client authentication would use the last two.

Edited by JoWie
  • 3 weeks later...
  • 4 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...