hi,

On Tue, Jul 31, 2012 at 2:02 PM, Jonathan Bond-Caron <jbo...@openmv.com> wrote:
> On Wed Jun 27 12:32 PM, Arvids Godjuks wrote:

> a) In terms of 'effort' to break many passwords, there's a benefit to the 
> salt stored in the hash itself.
> It's not 'more secure' but 'better/recommended' since the attacker would need 
> to create a 'rainbow table' for each password it's trying to crack.
> Overall, the technique offers better protection.
>
> b) In terms of 'effort' to break a single password, there's **no** benefit to 
> the salt stored in the hash itself.
>
> If you want a single password to be really secure, don't let the attacker 
> know the salt and keep it long:
>
> // no benefit of short salt, ~ same effort required by the attacker
> $password = '234';
> md5($password);
>
> $salt = '1';
> $password = '234';
> md5($salt . $password);
>
> c) The best of both worlds: long private salt (b) + different for every user 
> (a)
> $saltInPassword = $password[0]; // could be random bytes, stored in password like crypt() does
> $salt = 'my-long-private-value-use-all-bytes' . $saltInPassword;
> $password = '234';
> $hash = md5($salt . $password);
>
> This one requires more effort by the attacker since the long salt forces more 
> 'bits/guesses' to pass into md5()
>
> // require even more effort, iterate
> for($i = 0; $i < 1000; $i++)
>   $hash = md5($i . $hash);

This is somehow the 1st implementation (part of) of crypt. See
ext/standard for the full code. And md5 is now known to not be
secure enough. IIRC.

I would not, but really totally not, begin to try to implement our own
little algorithm but rely on standard well tested implementations.
Crypt supports blowfish, for example. Anthony also works on supporting
more algos afair.


Cheers,
-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
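
The standard route the reply points to, crypt() with blowfish and a random per-user salt stored in the hash, shown as an added example that is not part of the original thread or of PHP's own source. The function names and the cost of 10 are assumptions made for this illustration, and random_bytes() needs PHP 7 or later.

```php
<?php
// Added example: bcrypt through crypt(), salt kept inside the stored hash.
// Function names and the default cost are assumptions for this illustration.

function make_bcrypt_setting(int $cost = 10): string
{
    if ($cost < 4 || $cost > 31) {
        throw new InvalidArgumentException('bcrypt cost must be between 4 and 31');
    }
    // 16 random bytes -> 22 characters of bcrypt's ./A-Za-z0-9 alphabet.
    $salt = substr(strtr(base64_encode(random_bytes(16)), '+', '.'), 0, 22);
    return sprintf('$2y$%02d$%s', $cost, $salt);
}

function hash_password(string $password, int $cost = 10): string
{
    $hash = crypt($password, make_bcrypt_setting($cost));
    // crypt() reports failure with a short string; a bcrypt hash is 60 characters.
    if (strlen($hash) !== 60) {
        throw new RuntimeException('crypt() did not return a bcrypt hash');
    }
    return $hash;
}

function verify_password(string $password, string $stored): bool
{
    // The stored hash carries algorithm, cost and salt, so it serves as the setting.
    $candidate = crypt($password, $stored);
    // hash_equals() compares in constant time.
    return strlen($stored) === 60 && hash_equals($stored, $candidate);
}

// Constructed sample input: the same password hashed for two users.
$userA = hash_password('234');
$userB = hash_password('234');

var_dump($userA !== $userB);                 // per-user salts give distinct hashes
var_dump(verify_password('234', $userA));    // correct password
var_dump(verify_password('235', $userA));    // wrong password
```

The cost parameter replaces the hand-written `for` loop from the quoted message: raising it by one doubles the work per guess.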
