Passwords that regulate database access must never be passed over the network as plaintext. Instead of the password, its hash must be transmitted, encrypted by a randomly generated sequence of bytes. This is also called the check string. Briefly, network access to the database implements the classical authentication method, ensuring strong protection against information sniffing and protecting against password decoding or a brute-force attack on the password (in theory).
In practice, most database servers contain blatant design errors. For instance, consider MySQL 3. x. The hash function used for the password returns a 64-bit encoded sequence, and the length of the random string is only 40 bits. Consequently, encryption doesn't fully remove all redundant information, and analysis of a large number of captured check strings and random strings allows an attacker to restore the original hash (the password doesn't need to be restored because it is the hash, not the password, that is needed for authentication).
In a slightly simplified form, the encryption procedure appears as shown in Listing 28.1.
// P1/P2 - 4 leftmost/rightmost bytes of the password hash, respectively // C1/C2 - 4 leftmost/rightmost bytes of the random string, respectively seed1 = P1 ^ C1; seed2 = P2 ^ C2 ; for(i = 1; i <= 8; i++) { seed1 = seed1 + (3*seed2); seed2 = seed1 + seed2 + 33; r[i] = floor((seed1/n)*31) + 64; } seed1 = seed1 + (3*seed2); seed2 = seed1 + seed2 + 33; r[9] = floor((seed1/n)*31); checksum =(r[1]^r[9] r[2]^r[9] r[7]^r[9] r[8]^r[9]);
Weak authentication mechanisms were also encountered in other servers. For the moment, however, practically all of them have been eliminated.