SCRAM

This specification describes a family of Simple Authentication and Security Layer (SASL; RFC 4422) authentication mechanisms called the Salted Challenge Response Authentication Mechanism (SCRAM), which addresses the security concerns and meets the deployability requirements. When used in combination with TLS or an equivalent security layer, a mechanism from this family could improve the status quo for application protocol authentication and provide a suitable choice for a mandatory-to-implement mechanism for future application protocol standards. (Newman et al. 2010, 1)

SCRAM provides the following protocol features:

The authentication stored on the database is not sufficient to impersonate a client.
Longer nonces defeat replay attacks
More resistant to dictionary attacks, configurable iteration counts.

Notation

  Hi(str, salt, i):
    U1   := HMAC(str, salt + INT(1))
    U2   := HMAC(str, U1)
    ...
    Ui-1 := HMAC(str, Ui-2)
    Ui   := HMAC(str, Ui-1)
   
    Hi := U1 XOR U2 XOR ... XOR Ui

SCRAM Algorithm Overview

Client Final

# auth message - n=$USER,r=$CLIENT_NONCE,r=$NONCE,s=$SALT,i=$ITER,c=$CHANNE_BINDING,r=$NONCE
n=user,r=fyko+d2lbbFgONRv9qkxdawL,r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j,s=QSXCR+Q6sek8bf92,i=4096,c=biws,r=fyko+d2lbbFgONRv9qkxdawL3rfcNHYJY1ZVvWVs7j

References:

Newman, C, A Menon-Sen, A Melnikov, and N Williams. 2010. “Rfc 5802: Salted Challenge Response Authentication Mechanism (Scram) Sasl and Gss-Api Mechanisms.” RFC Editor. https://www.ietf.org/rfc/rfc5802.html.

Backlinks:

Frontend/Backend Protocol (PostgresSQL)