Hi Pierre

I would like to just clarify a few points in your email.

Firstly the article you referred to was published in November 2011. At that time you could query for a MNTNER object and the MD5 hash was returned. Although there was no file available on the FTP site with a list of all MNTNER objects, as you know it was possible to download all the other bulk object files and create a list of all referenced MNTNER objects. There was no limit on how many of these that could be queried so it was not difficult to get a list of all MD5 hashes.

Two days later, in November 2011, another article was published outlining the process of hiding the MD5 hashes
https://labs.ripe.net/Members/denis/securing-md5-hashes-in-the-ripe-database

This was accepted by the community and it was implemented in January 2012
https://www.ripe.net/ripe/mail/archives/db-wg/2012-January/003856.html

Since then it has not been possible to query for a MNTNER and receive the MD5 hash.

In this second article, and again in the announcement to the DB WG, it stated "The RIPE NCC will then contact all the maintainers of MNTNER objects containing passwords and ask them to change these for new, strong passwords." As far as I remember all MNTNER holders with MD5 passwords were contacted and advised to change them.

cheers
Denis Walker
Independent Netizen



From: Pierre Kim <pierre.kim.sec@gmail.com>
To: db-wg@ripe.net
Sent: Monday, 4 May 2015, 22:12
Subject: [db-wg] MD5s of the RIPE database, Deprecation of MD5 and safe authentication methods

Dear Database Working Group Members,

I am contacting you to share the thoughts on the usage of MD5 in the
RIPE database. I already discussed the problems concerning MD5
authentication with RIPE NCC Security <security@ripe.net> on 2 Apr 2015
and RIPE NCC Security officer encouraged me to contact your group to
work together on this issue.

In 2011, I had grabbed all the MD5s of the RIPE database before
they were taken out from the public view and I don't think I was the
only security researcher who downloaded all the hashes.

This john-compatible file (containing MNT logins and MD5 hashes) was
never exposed to the public but the hashes can be (VERY) easily
cracked. From the discussion with RIPE Security (who received a copy
of this file), 27.000 usable hashes (on a total of 36.000) appeared to
be valid until now.

By reading https://labs.ripe.net/Members/kranjbar/password-management-in-ripe-database,
I see: "The MD5 hash is public, when running a single query (not
for bulk queries)."
I assume this was a known problem but the RIPE didn't alert that all
the hashes have been retrieved, although there was some urgency to
change the passwords or to use a safer authentication method.

When I discussed it with RIPE NCC Security, I gave a 90 day disclosure
policy about this "public" information, starting from the 16 Apr 2015.
The 90 day period can be adjusted by adding more days at the end if
RIPE shows a good progress of the migration. I wanted to do
responsible disclosure when I saw the RIPE Responsible Disclosure
Policy which is a Really Good Thing, I think.

According to the RIPE transparency, as recommended by RIPE NCC
Security, therefore I am now contacting this working group to work
together because deprecation of MD5 is an important change in the RIPE
database and it must be debated in a democratic manner.

My analysis is simple: The MD5 authentication has been broken for years and
it's time to change to a more secure method. I think people need to
be encouraged to move to SSO authentication. Using MD5 now is unsafe
and dangerous, especially with unchanged 4-year-old passwords.

Please share your thoughts about this situation. I will be happy to
debate with you.


I want to thank Ivo Dijkhuis, RIPE NCC Information Security Officer,
for the quality of the exchanges we had.

Regards,

--
Pierre Kim
pierre.kim.sec@gmail.com
@PierreKimSec
https://pierrekim.github.io/