Page 1 of 1
[SOLVED] Another crypt() question
Posted: Tue Jan 25, 2005 9:03 pm
by charp
An odd little occurance here...
I'm using the following for a simple password protected system:
Code: Select all
$password=crypt($userpassword); //let the salt be automatically generated
Then to verify the users password, this bit:
Code: Select all
if (crypt($enteredpassword,$password)==$password) {
echo "password verified!";
} else {
echo "password rejected!";
}
So, I'm a little confused as to why the use of the crypted original password as the salt for the entered password will match the crypted original password when the entered password is the same as the original un-crypted password. I hope that's a sentence, but it's not really my main question. If anyone can help here, I'd appreciate it. However, the primary reason for this post follows.
Here's the deal. I've got it in use and it works. To test things out, I entered a completely incorrect password. Rejected. I entered in the correct password but left off the last letter. Rejected. I entered the correct password but added an extra letter. Rejected. Everything is fine except for one single password that won't behave. If the password is "margaret" (without the quotes), I get the verified message even when I add extra letters to then end. Add one, add many, it always matches.
What's up with this behavior? Can anyone shed some light on this curiosity?
Thanks in advance.
Posted: Tue Jan 25, 2005 11:31 pm
by cob05
Hi charp,
I think you'll find your answer here:
viewtopic.php?p=154244#154244
Specifically this part:
magicrobotmonkey wrote:The standard DES-based encryption crypt() returns the salt as the first two characters of the output. It also only uses the first eight characters of str, so longer strings that start with the same eight characters will generate the same result (when the same salt is used).
Is there any particular reason why you are using crypt() instead of md5()? Just curious...
cob05
Posted: Wed Jan 26, 2005 8:42 pm
by charp
cob05,
Geeze. And I read that post too. Must have glossed over that bit too quickly. "Margaret" is exactly 8 characters. Mystery solved. Thanks so much for pointing that out.
As for crypt() versus md5(), there's no particular reason. This is really my first stab at encryption, so I just looked for something that was simple to implement. crypt() seemed to do the job, so I didn't look any further. md5(), I gather, is a much stronger encryption so I do want to explore its use. The application where I plan to use the crypt() passwords does not have a need for any real security. Perhaps there's something I'm unaware of ????
Posted: Wed Jan 26, 2005 9:03 pm
by feyd
md5() and sha1() are both, not encryptions. They are known as hashes. And as such, are a pain to "decrypt", as it typically requires brute forcing it.
md5 has come under fire recently as being potentially faulty. sha1 is considering very solid and safe. sha1 is a higher order hash.
Posted: Wed Jan 26, 2005 11:45 pm
by cob05
hi charp,
lol, it was funny because I read your post and then read the other right after and when I saw the bit that I quoted above I went "oh, here's the answer"
feyd is absolutely right. MD5 is a hash (or a one-way pad) and it is vulnerable to a brute force attack. In 2004 collisions were found (I think using a parallel cluster similar to the DES Cracker that was built a few years ago), these collisions showed that two values could have the same hash generated. From what I've read this is a very rare occurance and MD5 is still widely used for authentication (I still use it).
Here is a little on the history of MD5 from
wikipedia
MD5 is one of a series of message digest algorithms designed by Professor Ronald Rivest of MIT (Rivest, 1994). When analytic work indicated that MD5's predecessor — MD4 — was likely to be insecure, MD5 was designed in 1991 to be a secure replacement; weaknesses were indeed subsequently found in MD4 by Hans Dobbertin.
In 1996, Dobbertin announced a collision of the compression function of MD5 (Dobbertin, 1996). This was not quite an attack on the full MD5 hash function, but it was close enough for cryptographers to recommend switching to a replacement, such as WHIRLPOOL, SHA-1 or RIPEMD-160. In August 2004, Chinese researchers found collisions for MD5. It is still unknown how this discovery will affect the widespread use of MD5.
Hope that helps a little anyway.
Chris
Posted: Thu Jan 27, 2005 11:20 pm
by charp
Thanks cob05 and feyd!
I knew that hash and md5 went together, but I'm not clear on the difference between a crypt and a hash. I thought they must have been pretty much the same. Apparently not. So, now I'm going to look it up.
This forum and its many knowledgeable participants simply rock. I come here with questions, get answers, learn something new, and end up exploring a new topic that's sure to start the cycle all over again.
Posted: Fri Jan 28, 2005 12:29 am
by shiznatix
thats because
you and feyd r0xorz in your b0xorz
