Hi,

I don't have too much experience with encryption, so here's my question.

Say I want to encrypt a password. I make sure it can't be empty or under a given string length (say 8 characters), and it's case sensitive. If I use the PHP crypt() method for this, and I set my salt to be a specific substring of the original password (e.g. the 4th and 5th characters of the password), and afterwards scramble the result a bit (like relocating substrings or reversing the string), would it then be easy / possible / quite hard / just not done for anyone with the right knowhow to retrieve my original password?

Is crypt() a good method, or would I be better off using something else?

Thnx

    crypt provides one-way encryption, therefore it can only be broken with a brute force attack (trying to log in with random or dictionary based passwords). You don't need to do anything with it, as scrambling etc. adds no security enhancements.
    You could crypt your password concatenated with some other, constant string of characters and numbers to make the attacker's life a little harder. For example if he's got the result of the encryption, knows the method and tries to hash some dictionary words to see if he's got the same string (or has the dictionary of already hashed most popular passwords).

      The reason for this kind of password encryption (hashing, really) is to protect your users in the event that your database is compromised. If your users never reuse passwords and cannot be identified from elsewhere using the details stored in your database, this hashing is pointless. In practice users do reuse passwords, perhaps with only a cosmetic change, and can be identified by their email address, user names, etc, that they use on other websites as well.

      If I use the PHP crypt() method for this

      My objection to crypt() would be that the Blowfish based algorithm is not likely to be available on Windows, and if you want to use MD5, you might as well use md5(). I suggest using one of the SHA-2 hashes available with hash(), or sha1() if that is not available (but it should be).

      I set my salt to be a specific substring of the original password (e.g. the 4th and 5th characters of the password)

      I am not sure of the implications of that, but the traditional way is to use a (pseudo-) random number generator to generate a salt for each user, then store the salt in the database along with the password hash.

      afterwards scramble the result a bit (like relocating substrings or reversing the string)

      That's probably pointless. A good cryptographic hash is likely to do more than your cosmetic scrambling.

      would it then be easy / possible / quite hard / just not done for anyone with the right knowhow to retrieve my original password?

      Part of this depends on how strong your users' passwords are. Remember, your database has been compromised, so the attacker can run the attacks offline.

      I used to be against the idea of repeated hashing on the basis that it is not known if such chained hashing introduces weaknesses in the resultant hash function, but on the basis that modern hardware and software allows for relatively fast hash calculation for commonly used cryptographic hashes, I now think that it is a good idea.

      I suggest as further reading: Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes
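
An added example, not part of any post in this thread: the per-user random salt and repeated hashing recommended above, next to the question's idea of taking the salt from the password itself. PBKDF2-HMAC-SHA256 (PHP's `hash_pbkdf2()`) stands in here for "repeated hashing"; the iteration count, the record layout and all function names are assumptions for illustration, and the code needs PHP 7.1 or later.

```php
<?php
// Added example: per-user random salt plus repeated hashing (PBKDF2-HMAC-SHA256).
// ITERATIONS and the "iterations$salt$hash" record layout are assumptions.
const ITERATIONS = 600000;

// Build the value stored in the user's row: iteration count, salt and hash.
function make_record(string $password): string
{
    $salt = random_bytes(16); // fresh salt from the CSPRNG for every user
    $hash = hash_pbkdf2('sha256', $password, $salt, ITERATIONS, 32, true);
    return ITERATIONS . '$' . bin2hex($salt) . '$' . bin2hex($hash);
}

// Recompute with the stored salt and count, then compare in constant time.
function check_password(string $password, string $record): bool
{
    $parts = explode('$', $record);
    if (count($parts) !== 3 || !ctype_digit($parts[0]) || (int)$parts[0] < 1
        || !ctype_xdigit($parts[1]) || !ctype_xdigit($parts[2])
        || strlen($parts[1]) % 2 || strlen($parts[2]) % 2) {
        return false; // malformed record
    }
    $salt = hex2bin($parts[1]);
    $expected = hex2bin($parts[2]);
    $actual = hash_pbkdf2('sha256', $password, $salt, (int)$parts[0], strlen($expected), true);
    return hash_equals($expected, $actual);
}

// The scheme from the question: salt taken from the password itself.
function record_with_password_derived_salt(string $password): string
{
    $salt = substr($password, 3, 2); // 4th and 5th characters
    return bin2hex(hash_pbkdf2('sha256', $password, $salt, ITERATIONS, 32, true));
}

$pw = 'correct horse 42'; // constructed sample password
$alice = make_record($pw);
$bob = make_record($pw);
// Two users with the same password: compare what lands in the database.
var_dump($alice === $bob);
var_dump(record_with_password_derived_salt($pw) === record_with_password_derived_salt($pw));
// Verification against a stored record, right and wrong guess.
var_dump(check_password($pw, $alice), check_password('wrong guess', $alice));
```

The random-salt records differ for the two users, while the password-derived salt yields the same stored value for everyone who picks that password, which is what lets one precomputed dictionary cover the whole table.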

        Thank you both. This is very helpful. Will do the reading up you suggest.

        the Blowfish based algorithm is not likely to be available on Windows

        I'm developing on a Windows 2000 machine with PHP 5. According to my phpinfo, these are my hashing engines:

        md4 md5 sha1 sha256 sha384 sha512 ripemd128 ripemd160 whirlpool tiger128,3 tiger160,3 tiger192,3 tiger128,4 tiger160,4 tiger192,4 snefru gost adler32 crc32 crc32b haval128,3 haval160,3 haval192,3 haval224,3 haval256,3 haval128,4 haval160,4 haval192,4 haval224,4 haval256,4 haval128,5 haval160,5 haval192,5 haval224,5 haval256,5

        Apparently no Blowfish here. But crypt() seems to work fine...

        I also have a hosting on linux (PHP 5). If I test my function, it does the same on both machines.

        In theory, is it possible if I migrate everything (database and all) to another platform, running another PHP version, that basically the same hashing function (crypt or md5 or whatever) will deliver a different result? (Or is this just a stupid question?)

        Thnx

          According to my phpinfo, these are my hashing engines

          That information is based on hash(), not crypt(). If you want to find out what algorithms are available for crypt(), try:

          <pre>
          <?php
          // Each CRYPT_* constant is 1 when crypt() supports that algorithm on this build.
          echo 'Standard DES: ' . ((CRYPT_STD_DES == 1) ? 'available' : 'unavailable') . "\n"
             . 'Extended DES: ' . ((CRYPT_EXT_DES == 1) ? 'available' : 'unavailable') . "\n"
             . 'MD5:          ' . ((CRYPT_MD5 == 1) ? 'available' : 'unavailable') . "\n"
             . 'Blowfish:     ' . ((CRYPT_BLOWFISH == 1) ? 'available' : 'unavailable');
          ?>
          </pre>

          Having tested this myself, I might be making my claim on outdated information: Blowfish is available on my Windows XP box as well, for PHP5.2.3. Nonetheless, as you can see, hash() offers a wider variety of algorithms.

          In theory, is it possible if I migrate everything (database and all) to another platform, running another PHP version, that basically the same hashing function (crypt or md5 or whatever) will deliver a different result? (Or is this just a stupid question?)

          Yes, but if all character encoding is kept the same, the hash functions as implemented for PHP should return the same result.

            Mmmmkay,

            As it appears, neither 'Extended DES', nor 'Blowfish' are available on my win 2K.

            Think I'll stick with your suggestion to hash() instead of crypt().

            Anyway, you are great help. Thanks a bundle!

              As it appears, neither 'Extended DES', nor 'Blowfish' are available on my win 2K.

              Whoops, you led me to look over my example code again, and thus spot my careless copy and paste mistake, which you obviously corrected 🙂

              Yeah, extended DES and Blowfish not available on my system here too.

                You're also blazing fast.

                C you around.
