Posts: 2
Threads: 1
Joined: Jan 2014
As a web designer I am looking to create a hash that is hard to crack. I found this site and thought to ask for info that anyone can give. I created a somewhat random function with PHP. Any help and feedback would be very much appreciated.
Code:
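// $salt is a single site-wide value shared by all users.
function dbHash($password, $name) {
    global $salt;
    // The password length's parity decides the order of the two digests.
    if (isOdd(strlen($password))) {
        // sha1 (40 hex chars) followed by md5 (32 hex chars)
        return sha1($salt.$password.$name).md5($name.$salt.$password);
    } else {
        // md5 (32 hex chars) followed by sha1 (40 hex chars)
        return md5($salt.$password.$name).sha1($password.$name.$salt);
    }
}

// Returns 1 for odd integers, 0 for even ones.
function isOdd($int)
{
    return ($int & 1);
}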
Posts: 649
Threads: 18
Joined: Nov 2010
Would we add something as obscure as that? Probably not.
Would someone come up with a way to work those? Depends on how bad they want in.
Is it secure? No.
Require strong passwords and use a slow algo.
Posts: 2
Threads: 1
Joined: Jan 2014
Is it better than just using md5 or sha1?
I think with the proper motivation nothing is 100% secure. If someone wants to find a way in they will.
Thank you for your reply.
Posts: 100
Threads: 2
Joined: Mar 2012
Unfortunately, that's not really all that secure. Especially if someone manages to leverage your source.
The best way to guarantee decent security is to assume that your source has already been compromised.
Personally, I would recommend using bcrypt with a high iteration count (let's say 10 or 12). Just make sure you are salting per user.
Posts: 100
Threads: 2
Joined: Mar 2012
Just as a P.S.:
No new code bases should be using MD5 or SHA1 for security in the modern age.
Posts: 2,936
Threads: 12
Joined: May 2012
Your algorithm is nothing more than security through obscurity.
Immediate issues identified:
- You're using a "global salt", so it isn't really a salt at all -- it's just a shared secret, which is no longer a secret if the site is compromised. The real salt in your algorithm is the username. So the "salt" adds no additional security whatsoever.
- An attacker does not need to compute both the sha1 and the md5. They can simply grab the first & last 32 characters from each hash, and crack them all as straight salted md5. This would only provide a 2x slowdown since you would have duplicate salts.
- Your algorithm leaks information about the password length. So I can split the hash list into e.g. md5_left and md5_right, and only try even-length passwords on md5_left, and odd-length passwords on md5_right. For brute force attacks, this provides a 2x speedup, negating the 2x slowdown we gained in #2.
Therefore your algorithm is no more secure than md5(pass.salt). Which is pretty awful.
Please do not try to invent your own algorithm. Just use password_hash() if you're using PHP 5 >= 5.5.0, or crypt() with CRYPT_BLOWFISH or Openwall phpass if using an older version of PHP.
And if you are truly interested in improving upon the state of the art, then I would recommend checking out the password hashing competition.
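The password_hash() recommendation above, as an added example that is not part of the original post or anyone's code in this thread: registration and login with a per-user salted bcrypt hash and a transparent upgrade when the cost is raised. The $users array, the function names, BCRYPT_COST and the sample accounts are assumptions made for illustration.

```php
<?php
// Added example (not from the thread). Requires PHP >= 5.5 for password_hash().
// The in-memory $users array stands in for a database table (assumption).

const BCRYPT_COST = 12; // bcrypt work factor (hypothetical setting); raise as hardware allows

function registerUser(array &$users, $name, $password)
{
    // password_hash() draws a fresh random salt on every call and embeds the
    // algorithm, cost and salt in the returned string, so no site-wide
    // "global salt" and no separate salt column are needed.
    $users[$name] = password_hash($password, PASSWORD_BCRYPT, ['cost' => BCRYPT_COST]);
}

function login(array &$users, $name, $password)
{
    // password_verify() reads the salt and cost back out of the stored hash
    // and compares in constant time.
    if (!isset($users[$name]) || !password_verify($password, $users[$name])) {
        return false;
    }
    // If BCRYPT_COST has been raised since this hash was stored, re-hash now,
    // while the plaintext is available.
    if (password_needs_rehash($users[$name], PASSWORD_BCRYPT, ['cost' => BCRYPT_COST])) {
        $users[$name] = password_hash($password, PASSWORD_BCRYPT, ['cost' => BCRYPT_COST]);
    }
    return true;
}

// Constructed sample data: two users who happen to choose the same password.
$users = [];
registerUser($users, 'alice', 'correct horse battery staple');
registerUser($users, 'bob', 'correct horse battery staple');

// Per-user random salts mean identical passwords do not produce identical hashes.
var_dump($users['alice'] !== $users['bob']);
var_dump(login($users, 'alice', 'correct horse battery staple'));
var_dump(login($users, 'alice', 'wrong password'));
// The stored string has the same length whatever the password length, so the
// odd/even length leak of dbHash() does not occur.
var_dump(strlen($users['alice']) === strlen($users['bob']));
```

bcrypt only uses the first 72 bytes of the password, so enforce any maximum length with that in mind.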
Posts: 67
Threads: 12
Joined: Sep 2011
As the competition link shows, the top 3 methods are PBKDF2/RFC2898/PKCS #5, SCRYPT, and BCRYPT.
For PBKDF2, use HMAC-SHA-512 as your hash algorithm, a per-user cryptographically random salt, and use tens of thousands of iterations. If you want to be even more advanced, use a per-user random number of iterations (for instance, when a user registers, store 64536 + RAND(32768) as the # of iterations, at the same time as you store their CRYPTO_RAND() generated salt).
At least some PBKDF2(HMAC-SHA-512) test vectors are available at
http://stackoverflow.com/questions/15593...st-vectors
Don't roll your own password hashing!