3

i know it's possible to validate user's Windows (e.g. domain) credentials programatically using:

There has come a time when i want to persist those credentails.

i'm using the Data Protection API (via the CredUI API) to encrypt the password. This means that the encrypted data can only be accessed by the user themselves. My program, running as the user, can then decrypt the protected data.

But it also means that a malicious program running as the user can decrypt the protected data; stealing the user's encrypted credentials.

i know that Windows itself does not store the user's password. What they store is the salted and hashed version of the password; and forms the "shared secret" between the user and Windows.

Is there an API that lets me ask Windows if a user's password is valid, when i know the salted hash of the password?

Community
  • 1
  • 1
Ian Boyd
  • 246,734
  • 253
  • 869
  • 1,219

2 Answers2

0

If you have a domain controller you can talk kerberos protocol and send the key derived from the password to verify user identity. Unfortunately although the malicious program cannot derive the original password from the key it still can still your hash and use it to obtain domain credentials on behalf of the user.

Look here to figure out how to derive the key from the password

http://www.opensource.apple.com/source/Heimdal/Heimdal-172.18/kuser/kinit.c

By the way, Kerberos doesn't use plain salted hashes of the password. The actual Key Generating Function is bit more involved, this is because the passphrase itself doesn't have enough entropy to create unguessable keys. Remember that kerberos should be resilient to eavesdropping attacks.

Vlad
  • 9,180
  • 5
  • 48
  • 67
0

You really don't want to store the Windows password hash, because as has been pointed out that hash can be used to impersonate the user if a domain controller is present. In effect, knowing the actual key in Kerberos is as bad as knowing the password for an attacker. Instead, what you should do is salt the password with a different salt than Windows would use and store that. I'd recommend looking for an implementation of a good password hash like PBKDF2 and using that. See Wikipedia's list of implementations. For information on what Kerberos does for salting passwords see RFC 3962. Windows uses that process for AES, and uses a different process for NTLM and for RC4 Kerberos.

I'm reasonably sure that there is no public API exposed to compare Kerberos salted passwords. I am less familiar with the NTLM APIs.

Community
  • 1
  • 1
Sam Hartman
  • 6,210
  • 3
  • 23
  • 40
  • i really don't want to store the Windows password hash (encrypted). But right now i'm storing the Windows password itself (encrypted). i'd prefer to store some abstract *"token"*, rather than the password. The secrecy of a person's password is more important than being able to impersonate them (i don't care if you can impersonate my domain credentials at work - but i'll lose my mind if you know my *personal private* password). – Ian Boyd Nov 22 '13 at 14:43
  • Sure, and I've pointed you at a solution that meets your constraints at least as you've stated them. – Sam Hartman Nov 22 '13 at 16:30