<korryd@xxxxxxxxxxxxxxxx> wrote:
> Say that your application offers a way for each user to set/change
> his own password.
> When I (using your application) change my password, you could
> combine my new password with a secret value and then send the
> result to the PG server (so now the PG server thinks that my
> password is my_password+your_secret).

This is a special case of (2,2) secret sharing:
http://en.wikipedia.org/wiki/Secret_sharing
Here the secret is the actual password, a+b, shared into two parts, a
and b. The above scheme suffers from the problem that the user now
knows quite a lot about the secret. If this is an issue, there are
more sophisticated combining schemes that give the user no advantage
over someone who knows neither half of the secret.
- John D. Burger
MITRE
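
Added example, not part of the original messages: a sketch of the concatenation scheme beside an XOR-based (2,2) sharing in which the real database secret is chosen at random and the user's share alone is consistent with every possible secret. The function names, the PBKDF2 parameters and the 32-byte secret length are assumptions made for illustration.

```python
import hashlib
import secrets

SHARE_LEN = 32  # assumed size in bytes of the real database secret

def concat_scheme(password: str, app_secret: str) -> str:
    """Scheme from the quoted message: the user already knows a prefix."""
    return password + app_secret

def user_share(password: str, salt: bytes) -> bytes:
    """Stretch the user's password into a fixed-length share a."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, 100_000, dklen=SHARE_LEN)

def xor(x: bytes, y: bytes) -> bytes:
    if len(x) != len(y):
        raise ValueError("shares must have equal length")
    return bytes(i ^ j for i, j in zip(x, y))

def enroll(password: str):
    """Choose a random secret s; return (salt, b, s) where b = s XOR a."""
    salt = secrets.token_bytes(16)
    s = secrets.token_bytes(SHARE_LEN)
    b = xor(s, user_share(password, salt))
    return salt, b, s

def recombine(password: str, salt: bytes, b: bytes) -> bytes:
    """Rebuild s from both shares; a wrong password gives a different value."""
    return xor(user_share(password, salt), b)

if __name__ == "__main__":
    salt, b, s = enroll("correct horse")  # constructed sample password
    print("db password:", s.hex())
    print("recombined :", recombine("correct horse", salt, b).hex())
    # The user's share fits every candidate secret, so it rules nothing out.
    a = user_share("correct horse", salt)
    other = secrets.token_bytes(SHARE_LEN)
    print("share fits another secret:", xor(a, xor(a, other)) == other)
```

The application stores only `salt` and `b`; the value sent to the server would be an encoding of `s` such as its hex form.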