VIATHINKSOFT/WEBFAN D. Marschall SPECIFICATION No. 4 ViaThinkSoft First Draft: 2023 3 September 2024 === ViaThinkSoft Modular Crypt Format 1.0 (MCF1) === Abstract This document describes how the standards for ViaThinkSoft and Webfan are defined, written, and published. Identification of this Document Revision: 2024-09-03 State: In Force Filename: viathinksoft-std-0004-mcf1.txt URN: urn:x-viathinksoft:std:0004:2024-09-03 OID: 1.3.6.1.4.1.37476.3.0.1.1 { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 37476 specifications(3) misc(0) modular-crypt-format(1) vts-crypt-v1(1) } WEID: weid:pen:SX0-3-0-1-1-5 IETF/RFC: (None) Attachments Reference implementation in PHP: https://github.com/danielmarschall/php_utils/blob/master/ vts_crypt.inc.php Copyright Notice Copyright (c) 2023-2024 ViaThinkSoft and the persons identified as the document authors. All rights reserved. Licensed under the terms of the Apache 2.0 License. Marschall [Page 1] VTS/WF STD. 4 ViaThinkSoft MCF1 3 September 2024 Table of Contents 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3 2 MCF Structure . . . . . . . . . . . . . . . . . . . . . . . . . 3 3 Test Vectors . . . . . . . . . . . . . . . . . . . . . . . . . 4 4 Security Considerations . . . . . . . . . . . . . . . . . . . . 4 5 RA Considerations . . . . . . . . . . . . . . . . . . . . . . . 5 6 References . . . . . . . . . . . . . . . . . . . . . . . . . . 5 6.1 Normative References . . . . . . . . . . . . . . . . . . . 5 6.2 Informative References . . . . . . . . . . . . . . . . . . 5 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . . 5 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 5 Marschall [Page 2] VTS/WF STD. 4 ViaThinkSoft MCF1 3 September 2024 1 Introduction ViaThinkSoft Modular Crypt Format 1.0 performs a simple hash or HMAC operation and stores the result in a Modular Crypt Format compatible string. No key derivation function or iterations are performed. ViaThinkSoft MCF was invented to allow old passwords (e.g. MD5 with salt) to be easily converted to a MCF notation ($...$...$) so that these old passwords can be stored in the same data structure as newer crypt passwords, until they get upgraded to a newer hash. But it can also be used to encapsulate modern hash algorithms like SHA3/512 into a MCF format, so that they can be stored together with other MCF passwords such as bcrypt. Another innovation is to use Object Identifiers (OIDs) as MCF algorithm identifier. Algorithm identifiers such as $1$, $2$, ... are nice to remember and short, but can quickly lead to conflicts, and soon you run out of short identifiers. 1.1 Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 2 MCF Structure Format of VTS MCF1: $$$$ is 1.3.6.1.4.1.37476.3.0.1.1 is a=,m=[,i=] where is any valid hash algorithm (name scheme of PHP hash_algos() preferred), e.g. - sha3-512 - sha3-384 - sha3-256 - sha3-224 - sha512 - sha512/256 - sha512/224 - sha384 - sha256 Marschall [Page 3] VTS/WF STD. 4 ViaThinkSoft MCF1 3 September 2024 - sha224 - sha1 - md5 Not possible with MCF1 are these hashes (because they have a special salt-handling and output their own crypt format): - bcrypt [Standardized crypt identifier 2, 2a, 2x, 2y] - argon2i [Crypt identifier argon2i, not standardized] - argon2id [Crypt identifier argon2i, not standardized] Valid parameters: - sp = salt + password - ps = password + salt - sps = salt + password + salt - shp = salt + Hash(password) - hps = Hash(password) + salt - shps = salt + Hash(password) + salt - hmac = HMAC (salt is the key) - pbkdf2 = PBKDF2-HMAC can be omitted if 0. It is required for mode m=pbkdf2. For sp/ps/sps/shp/hps/shps/hmac, it is optional. Like most Crypt-hashes, and are Radix64 coded without padding and with alphabet './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'. 3 Test Vectors Input: Hello World Hash: $1.3.6.1.4.1.37476.3.0.1.1$a=sha3- 256,m=sp$$2Ud0hUTh//swVxoilAltWQ/9LQ189eZcdJ/hA5HkV/C Algorithm: SHA3-256 Mode: sp (Salt || Password) Salt: None Input: Hello World Hash: $1.3.6.1.4.1.37476.3.0.1.1$a=sha3- 256,m=sp$CAT/9cvgCuS$dqNf5hJf0p09lYx.9rvI/c96swTz58tGhipuhobl8Ke Algorithm: SHA3-256 Mode: sp (Salt || Password) Salt: 8 Bytes 4 Security Considerations Hash values play a crucial role in various security contexts, such as password verification. For detailed guidance on securely managing hashes, please consult the relevant literature or documentation. Marschall [Page 4] VTS/WF STD. 4 ViaThinkSoft MCF1 3 September 2024 5 RA Considerations OID: 1.3.6.1.4.1.37476.3.0.1.1 ASN1: { iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) 37476 specifications(3) misc(0) modular-crypt-format(1) vts-crypt-v1(1) } IRI: /.../Specifications/Misc/ModularCryptFormat/VtsCryptV1 WEID: weid:pen:SX0-3-0-1-1-5 6 References 6.1 Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . 6.2 Informative References None Acknowledgements I would like to thank Melanie Wehowski for her long time support in OIDplus and WEID projects. This document was written in Nroff Internet Draft Editor by 3xA Security. https://aaa-sec.com/nroffedit/ https://misc.daniel-marschall.de/patches/nroffedit/ ("year 2020" patch) Authors' Addresses Daniel Marschall Postfach 11 53 69243 Bammental Germany Email: daniel-marschall@viathinksoft.de URI: https://www.viathinksoft.com/ Marschall [Page 5]