Scott C. Best
sbest "at" best.com
Fri Jun 18 22:57:00 2004
Heyaz. I had a question about VNC passwords. I just got this
snippet from an email newsletter from "marketing "at" TridiaVNC" wherein it
| VNC PASSWORDS ARE SENT IN CLEAR TEXT
| When you type your VNC password to view a remote PC, it is sent in
| clear, unencrypted text. This means ANYONE with common network
| sniffing software can see your password. It will take someone less
| than 2 seconds to take control of any PC on your network that uses
| that password and you won't have a clue they're doing it.
| TridiaVNC Pro encrypts all connections so that all data, including
| passwords, can't be seen by anyone.
While I agree that good encryption of otherwise plaintext
passwords is a Good Idea, I was wondering if something has changed in
the basic VNC platform while I wasn't looking? That is, my understanding
has been that a VNC Viewer doesn't actually transmit a VNC Password
across the network when I start a VNC session. Rather, it uses a form
of "challenge-response passwords" such as:
* VNC Viewer connects with VNC Server
* VNC Server creates a random number and transmits it to the VNC Viewer
* I type my password into the VNC Viewer, and it encrypts the received
random number with the text I type, sending the resulting ciphertext
to the VNC Server.
* VNC Server encrypts the same random number with the stored VNC password,
and then compares the ciphertext it generates with the ciphertext I
transmitted to it.
* If the ciphertexts match, I must have typed in the same password the
VNC Server has stored, and access is granted.
In such a scheme, the only text crossing the network is the
random number and the ciphertext. And if the encryption is a strong
"one-way function", it should be arbitrarily difficult for someone to
sniff these two values and calculate in reverse the password I typed in.
So I guess my question are:
* Do I or does TridiaVNC have this misunderstood?
* If I type in the wrong password, does the VNC Server generate a new
random number for my next attempt, or do I keep "re-using" the first
* What encryption algorithm is used and how "strong" is it to being
* Would it be at all worthwhile to (similar to SSH) use a Diffie-Hellman
transaction so that the initial random challenge was at least encrypted
and not transmitted in plaintext?
Thanks in advance for any thoughts on the above.