Unencrypted password impossibilities
I'm currently playing around with standard website logons, and how to bolster security a bit.
It is common practice to MD5 hash the user's password and store this in your user database. When they authenticate at a later date, this is done again and you compare the hashes.
Most web developers are aware of individually "salting" each password with a unique code to prevent the use of rainbow tables. And most know that you need to use HTTPS to ensure against session/cookie hijacking.
And whilst generating SSL certificates is child's play, and the overhead of encryption is minimal in this day of cheap hardware - public certificate authorities still charge a small fortune for certificates.
Generating your certificates yourself is not an option as they won't validate in browsers and the complication of getting users to trust other CAs is never going to happen.
So how can we send at least passwords over the wire encrypted? HTTP has Digest authentication, which hashes the password with a unique one-off ID. Whilst this prevents passwords from being leaked, it means we cannot check that the password is valid against our database unless we store the unencrypted password so we can also hash it and compare the results.
We could use the same nonce each time, but this would undermine the protocol, make it insecure, and bring us all the way back to square one of easily crackable passwords.
The cheap solution? Not sure yet...
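As an added example, not part of the original post, here is the RFC 2617 Digest computation for both client and server (Python, standard library only). It goes one step beyond the question as posed: the server persists HA1 = MD5(username:realm:password) rather than the password itself, verifies each response against that stored value, and treats every nonce as one-shot so a captured response fails when replayed. The realm, user name and password are constructed for this example.

```python
import hashlib
import secrets

def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()

def make_ha1(username: str, realm: str, password: str) -> str:
    # HA1 is the only credential-derived value the server has to persist.
    return md5_hex(f"{username}:{realm}:{password}")

def digest_response(ha1: str, method: str, uri: str, nonce: str,
                    nc: str, cnonce: str, qop: str = "auth") -> str:
    # RFC 2617 "auth" qop: MD5(HA1:nonce:nc:cnonce:qop:HA2)
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")

class DigestServer:
    def __init__(self, ha1_db: dict):
        self.ha1_db = ha1_db          # username -> HA1, never the password
        self.live_nonces = set()      # nonces issued but not yet consumed

    def challenge(self) -> str:
        nonce = secrets.token_hex(16)
        self.live_nonces.add(nonce)
        return nonce

    def verify(self, username, method, uri, nonce, nc, cnonce, response) -> bool:
        ha1 = self.ha1_db.get(username)
        if ha1 is None or nonce not in self.live_nonces:
            return False              # unknown user, or unknown/already-used nonce
        self.live_nonces.discard(nonce)   # one-shot: replaying this nonce fails
        expected = digest_response(ha1, method, uri, nonce, nc, cnonce)
        return secrets.compare_digest(expected, response)

def demo() -> tuple:
    # Constructed sample user; realm and password are made up for this example.
    realm = "example.com"
    server = DigestServer({"alice": make_ha1("alice", realm, "correct horse")})
    nonce, cnonce, nc = server.challenge(), secrets.token_hex(8), "00000001"
    # The client derives HA1 locally from the password; neither crosses the wire.
    good = digest_response(make_ha1("alice", realm, "correct horse"),
                           "GET", "/login", nonce, nc, cnonce)
    ok = server.verify("alice", "GET", "/login", nonce, nc, cnonce, good)
    replayed = server.verify("alice", "GET", "/login", nonce, nc, cnonce, good)
    nonce2 = server.challenge()
    bad = digest_response(make_ha1("alice", realm, "wrong"), "GET", "/login", nonce2, nc, cnonce)
    wrong_pw = server.verify("alice", "GET", "/login", nonce2, nc, cnonce, bad)
    return ok, replayed, wrong_pw
```

Digest still relies on MD5 and covers only the password exchange, not the session that follows it, so it narrows the exposure the post describes rather than replacing TLS.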