Oracle password

sqysl

是的，我说的就是Encrypted password，你说的one-way hash，应该也算是一种加密算法，而且是单向的，不可逆的。因此，即使入侵者获取了password的密文，他也是不可能得到password加密前的明文的，因此，我说是“解密ORACLE加密口令的可能性更是没有。”

Yong Huang

> 我说的就是Encrypted password，你说的one-way hash，应该也算是一种加密算法

I'm not an expert at cryptography. But I think the terminology you use here is misleading. Indeed they're both cryptographic algorithms. My understanding is that encryption has its reverse function, decryption, but hash or hashing is one way, and cannot be reversed (except by brute force attack of course). So these are two completely different technologies.

I just searched on Wikipedia, and found an entry for an apparent oxymoron, one-way encryption:

http://en.wikipedia.org/wiki/One-way_encryption

where it says "One-way function, a function difficult to invert. Note that encryption is, by definition, reversible. Hence, the term one-way encryption is slightly incorrect in a sense"

That explains many people's loose terminology. When we talk about Oracle's passwords, we should not use the word encryption for that reason. Oracle's dbms_crypto package offers both encrypt and its reverse decrypt function/procedure, and hash function. Note there's no de-hash or reverse hash, because it makes no cryptographic sense.

Yong Huang

[ 本帖最后由 Yong Huang 于 2009-5-23 19:06 编辑 ]

sqysl

非常敬佩YONGHUANG版主严谨的治学精神，他说的也很有道理，本人对密码学并没深入研究，所说有关“加密”的问题也许并不精确。

gy1982329

暴力也没用，oracle有参数控制错误次数。超过次数帐户就lock了

yezhibin

Yong Huang:

   你好！

   我近一段也在看ORACLE PASSWORD的问题，9i、10g和11g的加密算法好像都不太一样。ORACLE密码的生成是采用username+password对应的hash值，所以可以利用BBED修改用户的密码，包括SYS用户，好像ORACLE 10g中的密码是存放在系统表空间数据文件的block_id=90的位置（我是在AIX平台测试过）。
   附件是一些文档，我没有仔细研究过，不知道对你是否有用。

   9i的DES
   10G的128 AES
   11g是192AES

Yong Huang

原帖由 yezhibin 于 2009-6-1 08:20 发表
   我近一段也在看ORACLE PASSWORD的问题，9i、10g和11g的加密算法好像都不太一样。ORACLE密码的生成是采用username+password对应的hash值，所以可以利用BBED修改用户的密码，包括SYS用户，好像ORACLE 10g中的密码是存放在系统表空间数据文件的block_id=90的位置（我是在AIX平台测试过）。
   附件是一些文档，我没有仔细研究过，不知道对你是否有用。
...

Thank you. I quickly went through the documents. They talked about how the password hash is generated in Oracle given a username. Algorithm difference between different Oracle versions seems to exist in TNS protocol only (see "Downgrading the Oracle Native Authentication"), not the algorithm in computing the hash.

My short article is about optimizing the way to feed the brute force program, not about the algorithm the brute force program uses. So I don't know much how the password hash is calculated. If you have any interesting finding, don't hesitate to post.

BTW, the posted articles could be just URL links in your message instead of attachments, unless they can't be found on the Internet.

Yong Huang

kaokao1984

谢谢了 ，在网 上找这些文件都很难，基本上都是死链接，google翻译到时挺强大，死链接竟然翻译出来了，不过连代码都翻译，郁闷，没想到能在这找到这些东西
谢谢