Hi internals!

Recent incidents have shown that even very large websites still don't get how to do password hashing properly. The sha1 hashes used by LinkedIn et al. can be easily cracked even by amateurs without special hardware.

What could be the reason for this? Why don't people use bcrypt? It has been recommended for *years* already, but still most people don't seem to make use of it.

I think the reason is that it is incredibly hard to use crypt() correctly, mainly for the following reasons:

* For many people the syntax is hard to grasp. The hashing algorithm is specified as the salt parameter, which is somewhat non-obvious (at least for me).
* The fact that you verify a password using $hash == crypt($password, $hash) is equally non-obvious.
* Generating correct salts for bcrypt is quite complicated. It is encoded in some strange base64 format, thus requiring an additional function to create it. Additionally it isn't particularly easy to fetch the random bytes for the salt as you have to check several possibilities for a cross-platform solution (mcrypt initialization vector, openssl, /dev/*random, mt_rand etc).

Correctly hashing a password with bcrypt thus requires about a hundred lines of code. So one either has to import a library (and strangely it seems that people don't like to do that!) or has to roll one's own (usually implementing some part incorrectly...)

Obviously it's somewhat tempting to use a one-liner sha1() hash instead of a hundred-line bcrypt hash.

So, wouldn't it be better if PHP provided an easy to use API for secure password hashes natively? So you just have to call a single function, which magically handles everything for you (like salt generation). A simple sample API could be two functions password_hash($password) and password_hash_verify($password, $hash). But it could just as well be a fancy, extensible OOP API.

I think this would greatly improve the hashing situation for PHP.

Thanks,
Nikita
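
The three crypt() pain points listed in the message above, worked through as an added example that is not part of the original post. The function names bcrypt_salt(), bcrypt_hash() and bcrypt_verify() are hypothetical, and the code assumes PHP 7+ so that random_bytes() replaces the cross-platform random source hunt the message describes.

```php
<?php
// Added illustration, not code from the original message.
// Assumes PHP 7+ (random_bytes, scalar type hints); hash_equals needs PHP 5.6+.

function bcrypt_salt(): string
{
    // bcrypt expects 22 salt characters from the alphabet ./A-Za-z0-9.
    // 16 random bytes give 24 base64 chars ("==" padded): map '+' to '.' and trim.
    return substr(strtr(base64_encode(random_bytes(16)), '+', '.'), 0, 22);
}

function bcrypt_hash(string $password, int $cost = 10): string
{
    if ($cost < 4 || $cost > 31) {
        throw new InvalidArgumentException('bcrypt cost must be between 4 and 31');
    }
    // Algorithm ("2y" selects bcrypt) and cost travel inside the salt argument.
    $setting = '$2y$' . str_pad((string) $cost, 2, '0', STR_PAD_LEFT) . '$' . bcrypt_salt();
    $hash = crypt($password, $setting);
    // On failure crypt() returns a short marker such as "*0", never a 60-char hash.
    if (!is_string($hash) || strlen($hash) !== 60) {
        throw new RuntimeException('crypt() did not produce a bcrypt hash');
    }
    return $hash;
}

function bcrypt_verify(string $password, string $hash): bool
{
    // The stored hash doubles as the salt: it carries algorithm, cost and salt.
    $check = crypt($password, $hash);
    // Reject failure markers, then compare in constant time rather than with ==.
    return is_string($check) && strlen($check) === 60 && hash_equals($hash, $check);
}

// Constructed sample password, for demonstration only.
$stored = bcrypt_hash('correct horse battery staple');
var_dump(bcrypt_verify('correct horse battery staple', $stored));
var_dump(bcrypt_verify('wrong guess', $stored));
var_dump(bcrypt_verify('anything', '*0')); // malformed stored value is rejected
```

PHP 5.5 and later ship password_hash() and password_verify(), which handle salt generation and comparison internally.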