inside the man

Thursday, November 03, 2005

I told you so: Oracle password protection flawed

Schneier has blogged a paper published on the SANS site that exposes the weakness of the Oracle password hashing algorithm. Reading this gives me a warm feeling of validation as I think back to a number of debates I have had with colleagues over the past few years. These debates typically went like this:

Colleague: "Chris, why does your design include building a password hashing algorithm when we could just use [insert commercial database name here]'s password encryption function?"

Chris: "Because I want to be able to demonstrate to our clients that we are protecting passwords with strong cryptographic hashes, with a transparent, easy-to-audit process."

Colleague: "But [insert database vendor name here] says this new password protection function is top notch." (Holds up whitepaper from vendor's website)

Chris: "Sigh."

Here is the abstract:

"In this paper the authors examine the mechanism used in Oracle databases for protecting users' passwords. We review the algorithm used for generating password hashes, and show that the current mechanism presents a number of weaknesses, making it straightforward for an attacker with limited resources to recover a user's plaintext password from the hashed value. We also describe how to implement a password recovery tool using off-the-shelf software. We conclude by discussing some possible attack vectors and recommendations to mitigate this risk."
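To make concrete what "a transparent, easy-to-audit process" looks like in practice, here is an added example (mine, not from the post or from the SANS paper): a password store whose every parameter is visible in the stored record, plus a deterministic unsalted digest for contrast. The scheme (PBKDF2-HMAC-SHA256 with a random per-user salt) and the record format are my assumptions, chosen because they can be checked against public standards rather than a vendor whitepaper.

```python
import hashlib
import hmac
import os
from typing import Callable, Optional

# Every parameter an auditor needs is written into the record itself.
ALGORITHM = "pbkdf2_sha256"   # assumed scheme, not the Oracle one discussed above
ITERATIONS = 100_000          # work factor: slows down guessing attacks
SALT_BYTES = 16

def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt_hex$digest_hex."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh random salt for each stored password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"

def verify_password(password: str, record: str) -> bool:
    """Recompute from the parameters in the record; compare in constant time."""
    try:
        algorithm, iterations, salt_hex, digest_hex = record.split("$")
        if algorithm != ALGORITHM:
            return False
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                        bytes.fromhex(salt_hex), int(iterations))
        return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))
    except ValueError:  # malformed record (wrong field count, bad hex or int)
        return False

def unsalted_digest(password: str) -> str:
    """A deterministic, unsalted digest: identical passwords always collide,
    so one precomputed table serves every account in the database."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def same_password_same_record(password: str, hasher: Callable[[str], str]) -> bool:
    """True when two accounts sharing a password end up with identical stored values."""
    return hasher(password) == hasher(password)
```

The salted records differ for two users with the same password, while the unsalted digest makes shared passwords visible at a glance, which is the property the abstract above warns about.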


About Me

Edmonton, Alberta, Canada
Returned to working as a Management Consultant, specializing in risk, security, and regulatory compliance, with Fujitsu Canada after running the IT shop in the largest library in the South Pacific.

This work is licensed under a Creative Commons Developing Nations license.
