Re: password hashing and crypt()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, January 19, 2008 2:11 pm, Nathan Nobbe wrote:
> http://www.php.net/manual/en/function.crypt.php
> has a second parameter, $salt, which, if not supplied will be
> automatically
> generated and presumably become a prefix or suffix of the returned
> string.

Or, in some algorithms, gets buried in the middle at a known offset.

Go figure.

> now, the article on the phpsec website
> http://phpsec.org/articles/2005/password-hashing.html
> recommends to externally create a salt and to store that in a separate
> field
> in the database, which would then be used for subsequent password
> verification.

You would not need to store it separately, as it is built-in to the
crytped value anyway.

> theoretically, however, if the password is generated without a user
> supplied
> salt,
> there is a salt already embedded in the password anyway.

True.

> so, i have the following questions
>
>    1. is the phpsec technique bloated or unnecessary

A bit of bloat, but you have to have a million records or it to even
start to matter, really...

Disk space is cheap, and not going to be your bottleneck.

>    2. is it better to create a user supplied salt, and why or why not

Do *NOT* let PHP pick the salt for you.

Here is why.

Suppose server/host A has Blowfish, Twofish, Redfish, etc, all installed.
PHP will pick the "best" one, and choose the salt that makes sense for
that algorithm.

Now suppose server/host B does NOT have that algorithm installed, and
you have moved to server/host B.
Suddenly, PHP is picking a different algorithm, and your database has
two different kinds of passwords in it, and all kinds of problems
ensue.

If YOU pick the appropriate salt length/format, PHP will "know" which
algorithm you are using, and will error out if that algorithm is not
installed, which means you can do something intelligent (like install
the dang thing) rather than fill up your DB with incompatible password
algorithms.

This has happened to me, and it was a royal PITA.
:-)

>    3. is crypt() 'intended' to be used w/o a user provided salt, since
> it
>    is a stable algorithm

I think the intent of making it optional was Good, but in Practice,
it's just a Bad Idea (tm).

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux