http://security.stackexchange.com/questions/5586/why-do-people-think-that-this-is-bad-way-to-hash-passwords
Q:
Well, please tell me, what's wrong with this code
$password = "hello";;
$password = md5($password);
for($i=1;$i<20;$i++){
$password = md5($password);
}
It's exactly same as this one
md5(md5(md5(md5(md5(md5(md5(mD5(md5(md5(md5(md5(md5(md5(md5
(md5(mD5(md5(md5(md5(??md5($password))))))))))))))))))));
and I don't think that attacker with my DB would be able to decrypt any password with lenght > 2
Attacker would have to decrypt this list of md5 hashes to be able to gain plain-password
69a329523ce1ec88bf63061863d9cb14
0dcd649d4ef5f787e39ddf48d8e625a5
5d6aaee903365197ede6f325eb3716c5
cbe8d0c48ab0ed8d23eacb1621f6c5c3
8fa852c5f5b1d0d6b1cb0fad32596c71
91a84cf929b73800d2ff81da28834c64
45b7d5e4d3fca6a4868d46a941076b72
e5b7d9d10fef132829731255ef644319
b3af6ff5f5c7ae757ca816a6cb62f092
150f3682b2e58d1d0e1f789f9ba06982
3f76626950bf31dbc815c667ca4b2b43
44f4c75517671e12946aab3c8c293f98
442256b098b2d88e93428b08b5155308
7fd8ebc5bdff94f24a10decaa1ab64e8
d04bbc863839b720d932a697f0bf443b
de737c934db23c2d1d1026863e7583a8
d745f6394700c4ab1e9ded0924ea35d2
ce9428b51d3a63431c57a435423877b6
7017f40bdb4f1be1f5fae7dd0fc7b907
and with bruteforce, he should try 36 ^ 32 ( * 19) combinations, which is pretty unachivable or am I wrong? Isn't that true?
A:
The wrong things on your method are:
You use way too few iterations (20 is too low, it should be 20000 or more): password processing is still too fast, an attacker with a basic PC will still be able to "try" dozens of millions of passwords per second.
There is no salt: an attacker may attack several passwords with very low per-password cost, e.g. with precomputed tables of hashed passwords (in particular rainbow tables).
You are in the process of inventing your own cryptography. There is nothing wrong with being inquisitive and trying to understand things, but since there is no sure test for knowing whether a given algorithm is secure or not, inventing your own cryptography is often a recipe for disaster. Don't do it.
What you should do is to use bcrypt; there is a PHP implementation in the Portable PHP password hashing framework.
Read more...
http://codahale.com/how-to-safely-store-a-password/
http://stackoverflow.com/questions/420843/need-some-help-understanding-password-salt
No comments:
Post a Comment