[erlang-questions] Erlang cookies are secure

Per Hedeland per@REDACTED
Fri Jun 10 22:10:47 CEST 2016


Tony Rogvall <tony@REDACTED> wrote:
>
>I am not sure what you mean by sniff cookies?
>
>The distribution has been sending blank cookies since first open source release.
>The distribution does not send the cookie in clear text but relies on an MD5 challenge procedure
>at connection setup.

Hi Tony!

Indeed - and I will take credit for pestering you to fix that just
before the first open source release:-) (I will not divulge what it did
before that...).

>So Erlang is more likely to be vulnerable to connection hijacking since not every message
>is signed.

Yes - the *default* distribution fulfills none of the CIA requirements
(no, not that evil US thing, but Confidentiality, Integrity, and
Availability). But this has nothing to do with the authentication
mechanism as such, and can be fixed by using TLS - which also brings one
or more other authentication mechanisms, but they are not in any
fundamental sense more "secure" than the cookie authentication.

>So keep the nodes safe and away from random users. At least until we get Safe Erlang (any decade now)

Sure - but this point is actually also confusing in a cookie discussion,
as shown by other messages in this thread - it is about the
*authorization* you automatically get at the point when you have managed
to break the authentication mechanism - i.e. basically you can do
"anything". But this is independent of the strength of the
authentication mechanism itself.

I do find it rather tiresome with this constant ridicule of the cookie
authentication from people who haven't even bothered to do a basic
investigation of how it works, let alone done any actual security
analysis.

And just to put another myth to death, no, you are not required to use
the same cookie on all your distributed erlang nodes - every node is
capable of maintaining a specific cookie for every other node, RTFM
erlang:set_cookie/2.

It is absolutely true that *maintaining* security in a network with
cookie-based authentication can be troublesome, and that e.g. TLS with
certificate authentication can do much better in that respect, as long
as you have mechanisms for certificate revocation properly set up (which
in turn is not entirely trivial to do).

But again, as long as you do not throw your cookies around, AFAIK no-one
has demonstrated any fundamental weakness with the mechanism as such.

--Per
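
The MD5 challenge procedure and the per-node cookies mentioned in the message above, as an added example that is not part of the original post and is not OTP source code. It models only the challenge/digest step, using the digest form given in the Erlang distribution protocol documentation (MD5 of the cookie text followed by the challenge in decimal). The module name, node maps, cookie names and the simplified per-peer lookup are assumptions made for illustration.

```erlang
%% Added illustration, not OTP source: models only the challenge/digest
%% step of the distribution handshake. Node maps and names are constructed.
-module(cookie_handshake).
-export([digest/2, connect/2, demo/0]).

%% Digest = MD5(cookie as text ++ challenge as decimal text).
digest(Cookie, Challenge) ->
    erlang:md5([atom_to_list(Cookie), integer_to_list(Challenge)]).

new_challenge() ->
    <<C:32>> = crypto:strong_rand_bytes(4),
    C.

%% Simplified per-peer lookup in the spirit of erlang:set_cookie/2:
%% a peer-specific cookie wins over the node's default one.
cookie_for(#{default := Default, peers := Peers}, Peer) ->
    maps:get(Peer, Peers, Default).

%% A connects to B. Returns {Result, Wire}; Wire is everything a passive
%% observer on the link would see.
connect(A = #{name := NameA}, B = #{name := NameB}) ->
    CookieA = cookie_for(A, NameB),
    CookieB = cookie_for(B, NameA),
    ChB = new_challenge(),                  % B -> A: challenge
    ChA = new_challenge(),
    ReplyA = digest(CookieA, ChB),          % A -> B: own challenge + digest
    Wire = [{challenge, ChB}, {challenge_reply, ChA, ReplyA}],
    case ReplyA =:= digest(CookieB, ChB) of
        false ->
            {{error, accepting_node_rejects}, Wire};
        true ->
            AckB = digest(CookieB, ChA),    % B -> A: proves B knows it too
            Result = case AckB =:= digest(CookieA, ChA) of
                         true -> ok;
                         false -> {error, connecting_node_rejects}
                     end,
            {Result, Wire ++ [{challenge_ack, AckB}]}
    end.

%% a and b share a link-specific cookie; c only has its own default.
demo() ->
    A = #{name => a, default => cookie_a, peers => #{b => link_ab}},
    B = #{name => b, default => cookie_b, peers => #{a => link_ab}},
    C = #{name => c, default => cookie_c, peers => #{}},
    {ok, Wire} = connect(A, B),
    {{error, accepting_node_rejects}, _} = connect(A, C),
    Wire.
```

Compile with `erlc cookie_handshake.erl` and call `cookie_handshake:demo().` in the shell; the returned list holds only the two challenges and two 16-byte digests, never a cookie.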


