[SERVER-7540] The MongoDB challenge response authentication takes place over clear text Created: 02/Nov/12  Updated: 15/Feb/13  Resolved: 02/Nov/12

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: 2.2.0
Fix Version/s: None

Type: Improvement Priority: Minor - P4
Reporter: Simon Harvey Assignee: Unassigned
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

RHEL 6.2


Participants:

 Description   

The following process appears to be used for authenticating the client:

1. Client sends getnonce command to server.
2. Server replies with a random 16 character nonce.
3. Client creates a key using the following formula:

Key = MD5(nonce + username + MD5(username + “:Mongo:” + password))

4. Client sends the key, nonce, and the username to the server
5. Server compares the key to check whether or not to authenticate the user.

The fact that the server uses a randomly generated nonce eliminates
the risk of a replay attack. However, a malicious user could listen to
the whole authentication conversation on the wire and attempt to brute force the password. The nonce and the username are known
so the malicious user would only need to guess the password and
compare keys.



 Comments   
Comment by Simon Harvey [ 09/Nov/12 ]

Andy,

Apologies for the delay responding on this - I had originally thought that this testing had been done with SSL already in place, but have just had confirmation from the tester that this wasn't the case and after re-testing he has confirmed that everything is correctly encrypted when SSL is used - so please close this down.

Regards,

Simon.

Comment by Andy Schwerin [ 02/Nov/12 ]

The solution for users on insecure networks is to use SSL or TLS support in Mongo to secure connections, or (less common) to construct a secure VPN.

Generated at Thu Feb 08 03:14:49 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.