md5() I want something Better.

cafrow

Okay, I know that PHP had build in MD5 hashing, this is cool because it is really hard for anyone to referce this, I say that it is hard because someone could brute force the shit out of it and get it to work. 😃

Anyways here is the problem with using the PHP MD5(). It is Server side, NOT clientside. THere for a person is still sending their password and username is PLAIN text across the net for a packet sniffer to pickup. If they are able to get his plain text password they could get that users account without any problem. What I would LOVE to use it a MD5 or SHAE Hashing that is client side, that way the Hash is send over the net, NOT the password. this would mean that a person trying to hack an account would either have to Brute force the Hash to get the password (Would take a good amount of time, Weeks, months, years) or the hacker would have to trick the server into thinking that the hash was send to it, this could be made hard if you used a Session ID so help check the login page to make sure that the login info actually came form the Login.php page and not some remote site.
Also the hacker could NOT just input the Hash they got into the Login.php as that would Hash the Hash and not be the same

Does anyone have a Javascript (Probebly the only way to go, I wish that PHP has client side coding also ). that would Hash the password field before it is send over the net to the server?

Thanks

LordShryku

My buddy google has a truckload of them

cafrow

thanks, I thought that is Java script stuff would be hard, but I am like 20% done with inplementing MD5 client side into my system, I will post the scrips here when I am done with them.

Edit:

Here is what I have so far. For the account creation this is what I do

<script language="JavaScript" src="md5.js"></script>
<table width="100%"  border="0" cellspacing="0">
  <tr>
    <td>
<form action="index.php?pageid=adduser" method="post" >
   <table width="400Px" border="0" cellspacing="0">
    <tr> 
      <td width="200">Create your Username: </td>
      <td width="200"><input name="username" type="text" maxlength="15"></td>
    </tr>
    <tr> 
      <td>Create your Password: </td>
      <td><input name="userpass" type="password" maxlength="32"></td>
    </tr>
    <tr> 
      <td>Enter Password again:</td>
      <td><input name="userpass2" type="password" maxlength="32"></td>
    </tr>
  </table>
  <br><input type="Submit" name="submit" value="submit" 
onclick="userpass.value = hex_md5(userpass.value), 
userpass2.value = hex_md5(userpass2.value)">

  </form></td>
  </tr>
</table>

This send the username with the 2 MD5 hashed passwords to my account creation PHP script where the 2 hashes get compared and the account created if the username does not exist. I was happy this this because the plain text password never leaves the client.

Now for the login it is very simular.

<script language="JavaScript" src="md5.js"></script>

<table width="100%"  border="0" cellspacing="0">
  <tr>
    <td><form action="index.php?pageid=logincheck" method="post">
  Username:<input type="text" name="username"><br>
  Password:<input type="password" name="userpass"><br><br>
  <input type="submit" name="Submit" value="Submit" onclick="userpass.value = hex_md5(userpass.value)">
</form></td>
  </tr>
</table>

Again the password gets hashed before it leaves the client and all that the net is left with is the hash.

Now my next step that I am going to do is find a way for the server to get a random number and ADD that to the password before it is hashed, that way the actuall password hash never leaves the client, just a password + a random number. I was thinking about possibly using the Session ID, that is something I just thought of, I am not sure how random that is but Will work on it right now.

swr

If security is a concern, why not use SSL?

Inventing your own security protocol is usually a bad idea. It's a lot harder than it looks. Most amateurs end up with a system that looks secure, but is actually not very difficult to break.

cafrow

well I guess I can use SSL in conjunction with MD5. and it is not my security, MD5 is a well know security calculation.

swr

MD5 is a well-studied function, but you are using it in a way that is not secure.

All you are implementing is a false sense of security.

You are using MD5 without any extra processing to slow it down. Your estimate that it would take "weeks, months, years" to brute force a password is way off. If you do the math I think you'll find it's closer to minutes or even seconds, using an ordinary PC.

Also, there is no need for an attacker to brute-force the password because you have nothing to prevent replay attacks (which you have hinted at). You've suggested session ID but that won't help, no matter how random it is. Any extra bits you send will be sent over the same channel as the hash and are thus available to an attacker for replay.

Even if you fix those problems, there may be others that neither of us have noticed.

You really should use SSL. People far smarter than you or I have spent years working out the bugs. If you love your users, you will give them SSL.

cafrow

Okay, what I am doing now is getting all my scripts done, I will have the option for SSL to be used, but I will still use my own ways inside of SSL.

If I do release my scripts like I am planning on doing, I want the users that cannot use SSL to still have something better then text just being send accross the net.

Weedpacket

Originally posted by swr
You are using MD5 without any extra processing to slow it down. Your estimate that it would take "weeks, months, years" to brute force a password is way off. If you do the math I think you'll find it's closer to minutes or even seconds, using an ordinary PC.

Even though MD5 was never intended for password encryption in the first place, this estimate is a woeful underestimate of the time it would take, especially if sensible passwords are used. If passwords can consist of digits 0-9 and lowercase letters a-z and can be anything from 4 to 10 characters in length, that gives a total of 3,760,620,109,731,072 possible passwords: generate a password, compute its MD5, compare with the mystery MD5, go on to the next possible password... And that number doesn't include longer passwords or other characters (like uppercase letters).

If you use a dumb password you're asking for trouble. See http://www.phpbuilder.com/board/showthread.php?s=&threadid=10242570

weekender

what is to stop a person from copying your table (which can be done with view source), creating their own copy of your form, sniffing the md5 packet and logging into an account that way?

I think this is even less secure than having server side md5, as anyone can view your md5.js script and the md5 sent is exactly the same as that stored in the database. If server md5 is used, it is not possible to tell how the password is encrypted before being stored.

oh and cafrow, could you edit your post and put a line break in that script so that we can read the thread without having to scroll horizontally? it winds the hell outta me

cheers

Weedpacket

That's very true: they won't be able to sniff the plain password any more, but they won't need it because it never gets sent to the server anyway. They just need to sniff and use the md5 that does get sent. It might as well be in clear for all the good it does you.

If what you're protecting is so valuable that it needs to be guarded against directed attacks against your system that involve packet sniffing, you might as well use SSL. For a start.

LordShryku

Good points made here. I'd say anyone doing some packet sniffing against you would have enough common sense to download any javascripts you're using. That's usually one of the first places to look for easy exploits. Well, maybe with exception to some script kiddies.

AstroTeg

Originally posted by cafrow
well I guess I can use SSL in conjunction with MD5. and it is not my security, MD5 is a well know security calculation.

MD5 wasn't designed with security in mind. Its just a one-way hashing algorithm that provides acceptable hashing characteristics in an acceptable amount of time.

For security, what you'd probably be interested in doing is looking into public and private keys and the encryption based off of those keys. But the trick is you need to have this implemented at the packet layer, which is why SSL works (its based off the public/private key method).

If you try to implement a security solution in JavaScript you're going to have 2 problems:

Packet sniffers will pick up the data being sent. Granted, they may not be able to read the data itself, but they could play it back against your server and get the data.
You may have site accessibilities issues if/when users leave JavaScript disabled.

If the data travelling between point A and point B must be secure, go with SSL.

cafrow

I just check with my host and I either have to upgrade my account or pay like $10 extra month for SSL. So I am hoping to get something else that works better then MD5 without going to SSL.

I am thinking about the public/Private keys as those COULD be made to be very good. Here is what I am thinking.

THe server generates a Random number that will be the private key, it throws that into the calculation that makes the Public key and that key gets send out with the website so that a Javascript can use that to do a calculation to make the password that is about to be send encrypted. Now the Private key will ALWAYS be server based, the encrypted password will never be the same as the public key is created based on a random private. Now the problem that i see is that someone could get ahold of my MySQL table and steal everything, but that cannot be prevented.

would it make sence to still use MD5 hashing of the password BEFORE it is encrypted and storing the password as a MD5 hash? or is that really not going to do much?

going to search for some Public/Private key scripts now, let me know if any of you have any good ones.

Thanks

AstroTeg

I haven't done much with public/private keys other then research what's involved so I understand what is going on in the world of security. Sorry I'm not much help with working scripts for this.

As for the database, yes, its hard to hide sensitive data in there. As for the password, here's something I just did recently to secure the passwords:

User registers as a new user (validate data, yadda yadda yadda...)
when submitting the user data, md5 hash the password and submit the hash

Anyone who looks into the user table will see the user name and md5 hashed password which byitself is pretty useless.

When the user comes back to log in, here's how the validation works:

User logs in (validate data, yadda yadda yadda...)
Check if user is in database
md5 hash the supplied password and query for the user off of the password and a 2nd credential (aka: user name or whatever) - if the user supplied the exact password, the hash will be in the database.

Now to make the hash a bit trickier, you will want to seed it. So you don't want to just do md5($mypassword). You'll want to make it a little harder than that. So, add a random string to the password like this: md5($mypassword . 'astringgoeshere'). The trick here is the string must be constant whereever you hash the password (otherwise you get a different hash).

So if a dedicated hacker wanted to uncover the passwords, they'd have to get the hash, figure out the constant string you used, and then start looping through all the password combos the user might have come up with. Granted, a good hacker will have already compromised your web server and might have figured out you are using a contast string to produce the hash, but at least you're adding one additional step they have to go and take.

cafrow

Okay, I just found out that my server has OpenSSL installed, I am looking at the examples and am having a hard time finding info on exactly how to work OpenSSL with PHP. I appears to me that OpenSSL needs some kind of Key file and Certificate file to make store private keys in. I am kinda lost here, does anyone have a good readme or site that explains howto setup a PHP script with OpenSSL? I have checked php.net and their examples always confuse me.

Also, this is something I have been wondering, how easy is it for a hacker to findout the SessionID() of a user??

Thanks

Weedpacket

Originally posted by AstroTeg
MD5 wasn't designed with security in mind. Its just a one-way hashing algorithm that provides acceptable hashing characteristics in an acceptable amount of time.

Again, I find myself forced to disagree. MD5's author, Ronald Rivest, stated that "The MD5 algorithm is intended for digital signature applications, where a large file must be 'compressed' in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA." and that "The level of security discussed in this memo is considered to be sufficient for implementing very high security hybrid digital-signature schemes based on MD5 and a public-key cryptosystem."

MD5 has always been designed with security in mind; it's using it to hash passwords that was never in its spec. Like anything else security-related, if you misuse it you'll probably break something and lose your security.

swr

Originally posted by cafrow
Okay, I just found out that my server has OpenSSL installed, I am looking at the examples and am having a hard time finding info on exactly how to work OpenSSL with PHP.

Just google for mod_ssl howto type stuff. From PHP perspective it is no different from non-SSL, so if you're looking for PHP details you won't find much.

Also, this is something I have been wondering, how easy is it for a hacker to findout the SessionID() of a user??

It should be very difficult. But you are talking about preventing passwords from being sniffed. If a badguy is in a position to sniff passwords, sniffing session IDs can be done with exactly the same process. Fortunately SSL will protect you from that, too.

planetsim

May i ask why are you wanting to use Javascript. You can turn that off