Confusion PHP Blowfish

I've been researching the best procedures for protecting passwords in php applications. Formally, I would use something similar (just an example, don't shoot!):

$salt = md5(rand() . md5(rand() . '$%E$%SDRT');
$password = md5('supersecret', $salt);

      

Then I would create a different salt for each password in the database to prevent rainbow tables from being used.

Take a look online, though it seems like most (wise) people are moving towards bcrypt (). There are many questions as to how it works, why it works, etc., but I don't understand how much safer it is? Note that I may be confused about my understanding here.

I understand that when you use crypt ($ pass, $ salt) the salt actually works as an indicator for crypto to tell you to use algorthim. According to the php manual you are using "$ 2a $ 07" which says crypt uses blowfish on log2 rounds. Then it spits out a string containing salt as a prefix.

example from manual:

Blowfish:     $2a$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi

      

It also seems that the salt remains static for all passwords. I don't understand how safe it is. It seems even easier for a hacker to find the salt (it doesn't even need to pull it out of the salt column), and there is a beacon at the beginning indicating the rounds used and the algorithm. How can it be more secure? I know that more rounds improve hardware performance, make it scalable, and increase the time it takes to crack a password (due to cost), but also indicates exactly how it was done.

Also, I am someone who loves to write as much of my application as possible in order to get a more complete picture of the work and would prefer to avoid openness if possible. I don't like being dependent on other people's code and in turn absorbing their vulnerabilities. I would rather be responsible for my own vulnerabilities and fix them myself.

One more thing. If you increase the number of rounds, does this mean that the current password hashes will not match the hash in the database? Do you have to reset all user passwords or are you slowly moving them to a new number of rounds the next time you log in?

As I said, this is just my understanding, so it might just be my understanding that gets mixed up. I don't think this is one of those cases where you can just "try to fail" because if you can't, you can watch nothing more than a broken application ...

What I read:

What is the correct format for blowfish juice using PHP crypt?
PHP Manual - Crypt
Openwall phpass
How to generate and store password hashes with Blowfish in PHP
How do you use bcrypt to hash passwords in PHP?

+3


source to share


2 answers


As I understand it, your question is "Why is variable salt hashing more secure?"

There is only one thing: it is always brute force, and if the salt is constant, you can β€œcrack” all passwords with just one brute force cycle. (If the hash is equal to one from the database - we know the user's password).



For simple hash functions md5 () and sha1 (), it is also possible to store the generated hashes of punched passwords in a database (for future use). This method allows hackers to figure out almost all passwords in seconds.

0


source


It also seems that the salt remains static for all passwords. I don't understand how safe it is.

You need to use the bit script a little differently. Do not pass the real password as a password parameter. You can add, add or place in the middle of the line some generated "salt" line. Then store the salt with the output hash in storage.

When the user enters their password, then get the salt, repeat the same with the salt and bcrypt () and compare the results with the stored hash.



Using salt in this way will block the use of regular rainbow tables as @clover mentioned.

Also, the simpler solution is usually the better solution. A simple rand () should suffice to salt passwords.

0


source







All Articles